General
-
Target
7bbf081d9632706d8e812b917830989b_JaffaCakes118
-
Size
105KB
-
Sample
240401-14hrmahb34
-
MD5
7bbf081d9632706d8e812b917830989b
-
SHA1
324faa88a407a30e245a01a7cb5869b4dfcbe023
-
SHA256
36d09c9122b5c507c27a6ceda72b31f4cd75af9b45f0516eebf1c3d668a0909b
-
SHA512
0494378c04c8f4c98d19a0fc1bd96c3b5915b6f90a80fd6c1e28e75e74bf88bc17a6d992d923c02acbb5f9c0c443255f75f9f0a89045f4c71a56ee699f143222
-
SSDEEP
3072:MSY+46m1qOzssGFPnNdDmkZrQAhPDCXFke:06mgOzJGFPvmkZrQAhPDCXFke
Behavioral task
behavioral1
Sample
7bbf081d9632706d8e812b917830989b_JaffaCakes118
Resource
debian9-armhf-20240226-en
Malware Config
Extracted
gafgyt
107.172.201.217:606
Targets
-
-
Target
7bbf081d9632706d8e812b917830989b_JaffaCakes118
-
Size
105KB
-
MD5
7bbf081d9632706d8e812b917830989b
-
SHA1
324faa88a407a30e245a01a7cb5869b4dfcbe023
-
SHA256
36d09c9122b5c507c27a6ceda72b31f4cd75af9b45f0516eebf1c3d668a0909b
-
SHA512
0494378c04c8f4c98d19a0fc1bd96c3b5915b6f90a80fd6c1e28e75e74bf88bc17a6d992d923c02acbb5f9c0c443255f75f9f0a89045f4c71a56ee699f143222
-
SSDEEP
3072:MSY+46m1qOzssGFPnNdDmkZrQAhPDCXFke:06mgOzJGFPvmkZrQAhPDCXFke
Score6/10-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-