General
-
Target
7f93143f631265468b8d584aab70b897_JaffaCakes118
-
Size
30KB
-
Sample
240801-hsfh1ssclg
-
MD5
7f93143f631265468b8d584aab70b897
-
SHA1
32f181c3fee32fa450b0d4842eb871337a73f0b1
-
SHA256
6e022b434deca2c970d00ec6ffaf7b4ce9af89f33df6cb28b85d343e247a9268
-
SHA512
83a3f3038455d629d92c658c0d99950680379d14d72b7471447f628bfd45e2ceb7b392dce05f54fa02420915b7e27b3d1ed82381c8b54ce24c4277f58c52a93f
-
SSDEEP
768:n+78zQ5VFNcDAFLcIwgnoYq0xFBVdAw2v:nMVF+D6cIwgosz+
Malware Config
Targets
-
-
Target
7f93143f631265468b8d584aab70b897_JaffaCakes118
-
Size
30KB
-
MD5
7f93143f631265468b8d584aab70b897
-
SHA1
32f181c3fee32fa450b0d4842eb871337a73f0b1
-
SHA256
6e022b434deca2c970d00ec6ffaf7b4ce9af89f33df6cb28b85d343e247a9268
-
SHA512
83a3f3038455d629d92c658c0d99950680379d14d72b7471447f628bfd45e2ceb7b392dce05f54fa02420915b7e27b3d1ed82381c8b54ce24c4277f58c52a93f
-
SSDEEP
768:n+78zQ5VFNcDAFLcIwgnoYq0xFBVdAw2v:nMVF+D6cIwgosz+
Score10/10-
xmrig
XMRig is a high performance, open source, cross platform CPU/GPU miner.
-
Deletes system logs
Deletes log file which contains global system messages. Adversaries may delete system logs to minimize their footprint.
-
Flushes firewall rules
Flushes/ disables firewall rules inside the Linux kernel.
-
Loads a kernel module
Loads a Linux kernel module, potentially to achieve persistence
-
Attempts to change immutable files
Modifies inode attributes on the filesystem to allow changing of immutable files.
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Disables AppArmor
Disables AppArmor security module.
-
Disables SELinux
Disables SELinux security module.
-
Enumerates running processes
Discovers information about currently running processes on the system
-