General

Target: 1ddb277105336c2e66b4e244a8d3de80_JaffaCakes118
Size: 174KB
Sample: 240329-kv1cbaec88
MD5: 1ddb277105336c2e66b4e244a8d3de80
SHA1: 8ce635b50823c56a24ca91650e40520e25380dd2
SHA256: 5c674f17be00ef48980141e4549ca8d5e6887503b428993cdaf831a0ee9ba966
SHA512: e27c5d545a12b10afe634cb4b5ce9c8671cf2644ca074e2537892d5221f5e8ff2f33443a9b41c62782d5546fd7d7bf4a20625e8466855007fd67ec885aa2052c
SSDEEP: 3072:Pe1ywfQgR7Ee5ZiI/naVa1w/O/N2B1dSWHqsX43mGnWmgcygSw2EZAi:PMEyjaVa8OwdSWHqvmGnWmgcygSw2EZB

Behavioral task: behavioral1
Sample: 1ddb277105336c2e66b4e244a8d3de80_JaffaCakes118
Resource: debian9-armhf-20240226-en

Malware Config
Targets
Score: 9/10

Contacts a large (71328) amount of remote hosts
This may indicate a network scan to discover remotely running services.

Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.

Changes its process name

Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Reads system routing table
Gets active network interfaces from /proc virtual filesystem.