General
-
Target
JaffaCakes118_a3a2e1b55e4d031fab2e57f28a1f331a3bf33b3bafc84c109aa85a105879dbf7
-
Size
52KB
-
Sample
241223-tkhh7atrdr
-
MD5
5c1a8ac56d0a6065c353ef0aa5ceaef3
-
SHA1
bd638652072d984c79fc9d912bc959f0540003b3
-
SHA256
a3a2e1b55e4d031fab2e57f28a1f331a3bf33b3bafc84c109aa85a105879dbf7
-
SHA512
72c60a53d0acb2c357f9b98d4389e12094726b41805e97b8cd4fe199fa9a28c8b7b7feebf85ef548aecd3540f061fade0667f2f645a040e930203091dd9e82dd
-
SSDEEP
1536:oGvP7UkW2vfNG3XJSWVjRU3tORvIpi4haPU:oGvFs3XJSORU3t+vEirU
Behavioral task
behavioral1
Sample
22c8f459658d7a9bc41ad39c5491d6013e68a0fd95b6b9d28ccfb84754eabadd
Resource
debian9-armhf-20240611-en
Malware Config
Extracted
mirai
BOTNET
Targets
-
Target
22c8f459658d7a9bc41ad39c5491d6013e68a0fd95b6b9d28ccfb84754eabadd
-
Size
117KB
-
MD5
1ffc6391cbd14941a6bbf63e99574ba3
-
SHA1
e0d0ed3bbd07ac82c62b36c90e98306f7e666f16
-
SHA256
22c8f459658d7a9bc41ad39c5491d6013e68a0fd95b6b9d28ccfb84754eabadd
-
SHA512
43e739848da6df1d94c7b3fdeb5cf9fe6bbdea5c5acc58c02f875ce1fe6a7dce0615bdd29c72cce2e07067629b69ab84a38def50c96928e4a96f6401d0f35eda
-
SSDEEP
3072:FQXIXLM947iz8QDvxdEOm/oic4s0au37mM/9HM:eXIY947iYAvxdEOmAio0auCM/9HM
Score
9/10
-
Contacts a large (227902) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Enumerates running processes
Discovers information about currently running processes on the system
-