General
-
Target
85bb5cf732c4b1af891d16cb105af35a_JaffaCakes118
-
Size
146KB
-
Sample
240402-htqelsba63
-
MD5
85bb5cf732c4b1af891d16cb105af35a
-
SHA1
2dca05c4cb468f88bdbe373c3c84c0a810e74340
-
SHA256
39e8e6808efbadc4d3dc8097bc0d48f8c8f4778886a8f0ff73b09e770ca50e47
-
SHA512
9a772e6a7f18234155fa585f513c70e498b58fa422964b82be936040c9177a7f8e5246f8597a3b0f96c04d957579b46495382d7057c8b8d8202eb4255573290b
-
SSDEEP
3072:Bn7aKpF4LSV9OdAKox7cennFEM/9OD4bxCkEFvmpwfvRQfZn:l7aKpF4eVZKotcenneM/9uvmpwfvafZn
Behavioral task
behavioral1
Sample
85bb5cf732c4b1af891d16cb105af35a_JaffaCakes118
Resource
debian9-armhf-20240226-en
Malware Config
Extracted
gafgyt
45.148.120.80:839
Targets
-
-
Target
85bb5cf732c4b1af891d16cb105af35a_JaffaCakes118
-
Size
146KB
-
MD5
85bb5cf732c4b1af891d16cb105af35a
-
SHA1
2dca05c4cb468f88bdbe373c3c84c0a810e74340
-
SHA256
39e8e6808efbadc4d3dc8097bc0d48f8c8f4778886a8f0ff73b09e770ca50e47
-
SHA512
9a772e6a7f18234155fa585f513c70e498b58fa422964b82be936040c9177a7f8e5246f8597a3b0f96c04d957579b46495382d7057c8b8d8202eb4255573290b
-
SSDEEP
3072:Bn7aKpF4LSV9OdAKox7cennFEM/9OD4bxCkEFvmpwfvRQfZn:l7aKpF4eVZKotcenneM/9uvmpwfvafZn
Score6/10-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-