General
Target: 757b89c6cc5a910c11a555a381684e55_JaffaCakes118
Size: 611KB
Sample: 240730-r8h4hsvfkk
MD5: 757b89c6cc5a910c11a555a381684e55
SHA1: 5cd2b55e20d10dd6bdd9bd972aad67ef7544d4ce
SHA256: 46b79608c9a603c1f0046b0952f080b6cce855320a80bb6db4155a26ab0fd5f0
SHA512: 0a9ecca06f87e403e7170dcb3fa275547139f9ee4b253efdd96f01d2d806b49d78a1ebf8bf420c156d9cbf74dc652c180b6591de2c5f34d5902f0e64cf45bd1f
SSDEEP: 12288:FBXOvdwV1/n/dQFhWlH/c1dHo4h9L+zNZrr3T6yF8EEP4UlUuTh1AG:FBXmkN/+Fhu/Qo4h9L+zNN3BVEBl/91h
Behavioral task
behavioral1
Sample: 757b89c6cc5a910c11a555a381684e55_JaffaCakes118
Resource: ubuntu2404-amd64-20240523-en
Malware Config
Extracted
xorddos
http://www.s9xk32c.com/config.rar
ww.s9xk32c.com:3308
ww.s9xk32a.com:3308
ww.s9xk32b.com:3308
crc_polynomial: EDB88320
Targets
Target: 757b89c6cc5a910c11a555a381684e55_JaffaCakes118
Score: 10/10
XorDDoS: Botnet and downloader malware targeting Linux-based operating systems and IoT devices.
XorDDoS payload
Writes memory of remote process