General

  • Target

    f04939e50d111f371aa9823e54e07e13_JaffaCakes118

  • Size

    113KB

  • Sample

    240415-evjfxagg81

  • MD5

    f04939e50d111f371aa9823e54e07e13

  • SHA1

    4643f9de6e6ca2aa61d35bed63fceca52428f1f7

  • SHA256

    6ad1f1b4427d6317c599e614d0554e940ca617187ef0d50dc2ae65ee1349b3cc

  • SHA512

    bba61a1ad879abda24798c76f4e4ceffa79fa13dc46aa4c6cc161d96b86c9adc7b2e3d8c70551abdb7cf7dfb57f965d3fc67719bd4174f2aa88cba005c2ad42d

  • SSDEEP

    3072:kiry859a2ADJf9wHYqbgFFo8+HeAp+TRCm7FnVqfJXFWbNb:T9a2aLqkrM0sm7FnVqfJXFWbNb

Score
10/10

Targets

    • Target

      f04939e50d111f371aa9823e54e07e13_JaffaCakes118

    Score
    7/10
    • Changes its process name

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
