Overview

overview

10

Static

static

10

.bash_hist...utorun

ubuntu-18.04-amd64

6

.bash_hist...utorun

debian-9-armhf

6

.bash_hist...utorun

debian-9-mips

6

.bash_hist...utorun

debian-9-mipsel

6

.bash_history1/.kde/b

ubuntu-18.04-amd64

.bash_hist...kde/b2

ubuntu-18.04-amd64

.bash_hist.../crond

ubuntu-18.04-amd64

.bash_hist.../essyn

ubuntu-20.04-amd64

1

.bash_history1/.kde/f

ubuntu-20.04-amd64

.bash_hist...kde/f4

ubuntu-20.04-amd64

.bash_history1/.kde/g

ubuntu-20.04-amd64

.bash_history1/.kde/j

ubuntu-18.04-amd64

.bash_hist...kde/j2

ubuntu-20.04-amd64

.bash_hist...killer

ubuntu-18.04-amd64

.bash_hist...ch.vbs

windows7-x64

1

.bash_hist...ch.vbs

windows10-2004-x64

1

.bash_hist...de/run

ubuntu-18.04-amd64

1

.bash_hist...de/run

debian-9-armhf

1

.bash_hist...de/run

debian-9-mips

1

.bash_hist...de/run

debian-9-mipsel

1

.bash_history1/.kde/s

ubuntu-18.04-amd64

.bash_hist...kde/sl

ubuntu-20.04-amd64

.bash_hist...e/ssyn

ubuntu-20.04-amd64

1

.bash_hist...art.sh

windows7-x64

3

.bash_hist...art.sh

windows10-2004-x64

3

.bash_hist...de/std

ubuntu-18.04-amd64

.bash_hist...tealth

ubuntu-18.04-amd64

.bash_hist...stream

ubuntu-20.04-amd64

.bash_hist...e/talk

ubuntu-18.04-amd64

.bash_hist...de/tty

ubuntu-18.04-amd64

.bash_hist...update

ubuntu-18.04-amd64

1

.bash_hist...update

debian-9-armhf

1

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ee7f4237d4b055d374a80a79d525b7f4_JaffaCakes118

  • Size

    251KB

  • MD5

    ee7f4237d4b055d374a80a79d525b7f4

  • SHA1

    8084ffd268fd3398e8b8a5c45c4981e78b4ecaa2

  • SHA256

    7518cd76ff9f401b31774b9bb24f83993107eb82856f36095b87a179f835fea0

  • SHA512

    af94379c744021326bf9d77eb95a63c0d580482ce7cafeb971a07fa5913a60387f418e3dcb484b4993523d620a75841d34779db851633d3263374a0dc6ac3df0

  • SSDEEP

    6144:StTEN/szdBUruRVuisSPyGjCzGzZ9GcBsrRlLKddnGQX:qE5qrHRVISKtkZI6s3uXXX

Score
10/10
botnetkaiten

Malware Config

Signatures

  • Contains strings common to LOLSquad DDoS tools 2 IoCs

    Resembles a range of public tools written in C intended for DDoS attacks.

    botnet
  • Detects Kaiten/Tsunami Payload 1 IoCs
  • Kaiten family
    kaiten

Files

  • ee7f4237d4b055d374a80a79d525b7f4_JaffaCakes118
    .gz
  • n.tar
    .tar
  • .bash_history1/.kde/1
  • .bash_history1/.kde/autorun
    .sh linux
  • .bash_history1/.kde/b
    .elf linux x86
  • .bash_history1/.kde/b2
    .elf linux x86
  • .bash_history1/.kde/bang.txt
  • .bash_history1/.kde/cron
  • .bash_history1/.kde/crond
    .elf linux x86
  • .bash_history1/.kde/dir
  • .bash_history1/.kde/essyn
    .elf linux x64
  • .bash_history1/.kde/f
    .elf linux x86
  • .bash_history1/.kde/f4
    .elf linux x86
  • .bash_history1/.kde/fwd
  • .bash_history1/.kde/g
    .elf linux x86
  • .bash_history1/.kde/j
    .elf linux x86
  • .bash_history1/.kde/j2
    .elf linux x86
  • .bash_history1/.kde/killer
    .elf linux x86
  • .bash_history1/.kde/mech.help
    .vbs
  • .bash_history1/.kde/mech.levels
  • .bash_history1/.kde/mech.set
  • .bash_history1/.kde/run
    .sh linux
  • .bash_history1/.kde/s
    .elf linux x86
  • .bash_history1/.kde/sl
    .elf linux x86
  • .bash_history1/.kde/ssyn
    .elf linux x64
  • .bash_history1/.kde/start.sh
  • .bash_history1/.kde/std
    .elf linux x86
  • .bash_history1/.kde/stealth
    .elf linux x86
  • .bash_history1/.kde/stream
    .elf linux x86
  • .bash_history1/.kde/talk
    .elf linux x86
  • .bash_history1/.kde/tty
    .elf linux x86
  • .bash_history1/.kde/update
    .sh linux
  • .bash_history1/.kde/v
    .elf linux x86
  • .bash_history1/.kde/v2
    .elf linux x86
  • .bash_history1/.kde/vadim
    .elf linux x86
  • .bash_history1/.kde/x
    .sh linux
  • .bash_history1/.kde/z0b
    .elf linux x86
  • .bash_history1/essyn
    .elf linux x64
  • .bash_history1/ssyn
    .elf linux x64