General

  • Target

    43c05c621f95d5d00004aa2ff44488c1_JaffaCakes118

  • Size

    113KB

  • Sample

    240330-ze4r5aeg49

  • MD5

    43c05c621f95d5d00004aa2ff44488c1

  • SHA1

    94631025f50da620fcca8a842216ee19bb7158dd

  • SHA256

    e4006f22c75548cc4765a252e793af3654afc92744a1602427b8cf72129be0cf

  • SHA512

    c2916edb4d3561bc44be107e04b049ea7ee11fecbca64d82c58e188b2df0d7a8efa6e5f1d0ad0b047d4761b8795e8a9c6c9d4d15d11048f73c5c3a6122a420f5

  • SSDEEP

    3072:kiry859a2ADJf9wHYqbgFFo8+HeAB+T1bm7FnVqfJXoebNb:T9a2aLqkrMcBm7FnVqfJXoebNb

Score
10/10

Targets

    • Target

      43c05c621f95d5d00004aa2ff44488c1_JaffaCakes118

    Score
    7/10

    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
