General

  • Target

    4da7b3a97904c4bbdf886128b3de2741_JaffaCakes118

  • Size

    151KB

  • Sample

    240331-fjnf6aef54

  • MD5

    4da7b3a97904c4bbdf886128b3de2741

  • SHA1

    9c8cf50ae3cc26c0a777229f07718a4873e95c83

  • SHA256

    b6963b80d2e906e67eb39b0ab28a5156ae306462396d20fe596cb21e38c40365

  • SHA512

    2e279837a2238c77804ca8a2f6bb458e7d2c24c20422a6e56a067cce3bab4e69bc3879ed123f6e699ac1d4d03435d4e08e2cbe80d2e1eaff2a164f2d2ae836f0

  • SSDEEP

    3072:JW6dm9tS1aRGQdK76t/zCcI5mrThPaLEnvPrNb:c6IG+LChmrThPaLEnvPrNb

Score
10/10

Targets

    • Target

      4da7b3a97904c4bbdf886128b3de2741_JaffaCakes118

    Score
    7/10
    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from the /proc virtual filesystem.
