mirai | 34650d94f3b7a96e0aaaa71e425c61a4695c17b215aa8e47adcb8c19637ac487 | Triage

Submit
Reports

Overview

overview

Static

static

JaffaCakes...c15791

debian-9-armhf

7

Sharing

General

Target

JaffaCakes118_0c1f8b33282f0f4274d04b33cfc15791
Size

90KB
Sample

241231-jptf5s1qcj
MD5

0c1f8b33282f0f4274d04b33cfc15791
SHA1

154c277f8db6e95154aebb68e5480554879e2082
SHA256

34650d94f3b7a96e0aaaa71e425c61a4695c17b215aa8e47adcb8c19637ac487
SHA512

4a25deee229f5a056a4295d4c82e1758700e8217569c20670b2e93d8c4c4c6c607619c74cefac553b97dc60c66631c7f8a81a18a8a895a666e613f39935a6b53
SSDEEP

1536:yZnu3bWMS7Er+GvVK6sVFUJ9FpJ0lTzyqjZPNGviXS2lpVicRUJzHva5:p3ydExVKjVFUJ9WzyqjZPNGvmjRUJzv

Score

10^/10

mirai putin discovery

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

JaffaCakes118_0c1f8b33282f0f4274d04b33cfc15791

Resource

debian9-armhf-20240611-en

debian-9-armhf

4 signatures

150 seconds

Malware Config

Extracted

Family

mirai

Botnet

PUTIN

C2

qo.ro.lt

catsquad.co.vu

Targets

- Target
  
  JaffaCakes118_0c1f8b33282f0f4274d04b33cfc15791
- Size
  
  90KB
- MD5
  
  0c1f8b33282f0f4274d04b33cfc15791
- SHA1
  
  154c277f8db6e95154aebb68e5480554879e2082
- SHA256
  
  34650d94f3b7a96e0aaaa71e425c61a4695c17b215aa8e47adcb8c19637ac487
- SHA512
  
  4a25deee229f5a056a4295d4c82e1758700e8217569c20670b2e93d8c4c4c6c607619c74cefac553b97dc60c66631c7f8a81a18a8a895a666e613f39935a6b53
- SSDEEP
  
  1536:yZnu3bWMS7Er+GvVK6sVFUJ9FpJ0lTzyqjZPNGviXS2lpVicRUJzHva5:p3ydExVKjVFUJ9WzyqjZPNGvmjRUJzv
Score

7^/10

discovery
- Deletes itself
- Unexpected DNS network traffic destination
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy