db38cbfbaaa666678e0809d09e4f884a311d795f95a8352a69d16e0c0447b9ab | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

1

4a9d5a1124...kes118

ubuntu-18.04-amd64

7

Sharing

General

Target

4a9d5a1124cf64a18fa3eda4dedc95ab_JaffaCakes118
Size

56KB
Sample

240516-mfwrpage66
MD5

4a9d5a1124cf64a18fa3eda4dedc95ab
SHA1

e5a48005e2aff5b01cb208d0b59b20b7010e55ef
SHA256

db38cbfbaaa666678e0809d09e4f884a311d795f95a8352a69d16e0c0447b9ab
SHA512

e6ce1668fce7cd74ae0bb95d4ddd4caa72d33c756ef63f49e03e75ed0b92d01a6f3e1c8083efbd175edd251bd610bae876b726280a5f87c813b5cef1b07777d8
SSDEEP

1536:EGzFQq+kOCI2WrMeE/iv30vk3X+QF/isnVTx:kq+ksQeE6vEvk3R9

Score

7^/10

linux

Static task

static1

Behavioral task

behavioral1

Sample

4a9d5a1124cf64a18fa3eda4dedc95ab_JaffaCakes118

Resource

ubuntu1804-amd64-20240508-en

ubuntu-18.04-amd64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  4a9d5a1124cf64a18fa3eda4dedc95ab_JaffaCakes118
- Size
  
  56KB
- MD5
  
  4a9d5a1124cf64a18fa3eda4dedc95ab
- SHA1
  
  e5a48005e2aff5b01cb208d0b59b20b7010e55ef
- SHA256
  
  db38cbfbaaa666678e0809d09e4f884a311d795f95a8352a69d16e0c0447b9ab
- SHA512
  
  e6ce1668fce7cd74ae0bb95d4ddd4caa72d33c756ef63f49e03e75ed0b92d01a6f3e1c8083efbd175edd251bd610bae876b726280a5f87c813b5cef1b07777d8
- SSDEEP
  
  1536:EGzFQq+kOCI2WrMeE/iv30vk3X+QF/isnVTx:kq+ksQeE6vEvk3R9
Score

7^/10
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy