General

  • Target

    897ec1f635f44d6fa85e4a97d1b4887e_JaffaCakes118

  • Size

    155KB

  • Sample

    240402-lzag5ade2w

  • MD5

    897ec1f635f44d6fa85e4a97d1b4887e

  • SHA1

    fe875ede6dcf12b7f1f8179fa9c6bb5b729ac31d

  • SHA256

    fcf12690bf21d443fe7a94ae392419e12d5f7a85e0b1a64040a1e665acf8bfc6

  • SHA512

    8a8d7b480dd26fbc46e63659e3fc920eb5c3f2757e64528c7413148c4d8bf1bcf2ceb6fdd63994ae9f569fae6840edab2a8434926329f7a48eb5b439e212e8b8

  • SSDEEP

    3072:1LNqrhHZ0P6bRFBQixfRjHkLwmrThPaLEne7rNb:1Lsrr0PeRTJTgLwmrThPaLEne7rNb

Score
10/10

Targets

    • Target

      897ec1f635f44d6fa85e4a97d1b4887e_JaffaCakes118

    Score
    7/10
    • Changes its process name

    • Executes dropped EXE

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
