General
-
Target
897ec1f635f44d6fa85e4a97d1b4887e_JaffaCakes118
-
Size
155KB
-
Sample
240402-lzag5ade2w
-
MD5
897ec1f635f44d6fa85e4a97d1b4887e
-
SHA1
fe875ede6dcf12b7f1f8179fa9c6bb5b729ac31d
-
SHA256
fcf12690bf21d443fe7a94ae392419e12d5f7a85e0b1a64040a1e665acf8bfc6
-
SHA512
8a8d7b480dd26fbc46e63659e3fc920eb5c3f2757e64528c7413148c4d8bf1bcf2ceb6fdd63994ae9f569fae6840edab2a8434926329f7a48eb5b439e212e8b8
-
SSDEEP
3072:1LNqrhHZ0P6bRFBQixfRjHkLwmrThPaLEne7rNb:1Lsrr0PeRTJTgLwmrThPaLEne7rNb
Behavioral task
behavioral1
Sample
897ec1f635f44d6fa85e4a97d1b4887e_JaffaCakes118
Resource
debian9-mipsel-20240226-en
Malware Config
Targets
-
-
Target
897ec1f635f44d6fa85e4a97d1b4887e_JaffaCakes118
-
Score
7/10
-
Changes its process name
-
Executes dropped EXE
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Reads system routing table
Gets active network interfaces from /proc virtual filesystem.
-