Overview

overview

7

Static

static

1

fbd1912438...kes118

ubuntu-18.04-amd64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fbd191243884ba5303c6351394d11b58_JaffaCakes118

  • Size

    31KB

  • Sample

    240420-dx96zafh9y

  • MD5

    fbd191243884ba5303c6351394d11b58

  • SHA1

    57895e7873ac37007e650963278618573ab10807

  • SHA256

    0a09cfa76b70f45461ee6512f74a81b4d20589a1391391453bdbbd098d9a39bb

  • SHA512

    6dbc1606e4480be0db01395e37f6a06398f722672e18ad2ddf73e33b2adc9cf710962ee18374518ee082f157e6b0a6bbdeac03359101a289e8a94780276e6f1e

  • SSDEEP

    768:lV7G9QRFuT5AwNmbKC8QdntPuQYwl1igPnbcuyD7Uryqy:D7EQRsTebKC8QdBJPnouy8mqy

Score
7/10
linux

Malware Config

Targets

    • Target

      fbd191243884ba5303c6351394d11b58_JaffaCakes118

    • Size

      31KB

    • MD5

      fbd191243884ba5303c6351394d11b58

    • SHA1

      57895e7873ac37007e650963278618573ab10807

    • SHA256

      0a09cfa76b70f45461ee6512f74a81b4d20589a1391391453bdbbd098d9a39bb

    • SHA512

      6dbc1606e4480be0db01395e37f6a06398f722672e18ad2ddf73e33b2adc9cf710962ee18374518ee082f157e6b0a6bbdeac03359101a289e8a94780276e6f1e

    • SSDEEP

      768:lV7G9QRFuT5AwNmbKC8QdntPuQYwl1igPnbcuyD7Uryqy:D7EQRsTebKC8QdBJPnouy8mqy

    Score
    7/10

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

1
T1562

Credential Access

Discovery

System Network Configuration Discovery

2
T1016

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks