Overview

overview

10

Static

static

10

146e039815...kes118

ubuntu-18.04-amd64

7

Sharing

Copy URL Twitter E-mail

General

  • Target

    146e039815837fa1d2217b3239fd756e_JaffaCakes118

  • Size

    113KB

  • Sample

    240504-zl6kasah4y

  • MD5

    146e039815837fa1d2217b3239fd756e

  • SHA1

    b326fbfc5e36ffa59c3370050840f94375acd7b0

  • SHA256

    6c69d32caadc1c40e1beb8ca1ef4b5737e375746dd7496994cd70ee23ce7ec27

  • SHA512

    983cd8c894ffc97cea7523ef040048972bef3cf774b3d9364034f658faa5e1376a4f084da37c2e44a90d28bdfb3176af263095d8269e9f3cc908b455f9fadf7b

  • SSDEEP

    3072:kiry859a2ADJf9wHYqbgFFo8+HeAz+TRCm7FnVqfJXFWbNb:T9a2aLqkrMSsm7FnVqfJXFWbNb

Score
10/10
gafgytlinux

Malware Config

Targets

    • Target

      146e039815837fa1d2217b3239fd756e_JaffaCakes118

    • Size

      113KB

    • MD5

      146e039815837fa1d2217b3239fd756e

    • SHA1

      b326fbfc5e36ffa59c3370050840f94375acd7b0

    • SHA256

      6c69d32caadc1c40e1beb8ca1ef4b5737e375746dd7496994cd70ee23ce7ec27

    • SHA512

      983cd8c894ffc97cea7523ef040048972bef3cf774b3d9364034f658faa5e1376a4f084da37c2e44a90d28bdfb3176af263095d8269e9f3cc908b455f9fadf7b

    • SSDEEP

      3072:kiry859a2ADJf9wHYqbgFFo8+HeAz+TRCm7FnVqfJXFWbNb:T9a2aLqkrMSsm7FnVqfJXFWbNb

    Score
    7/10

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks