General

  • Target: 888032acfe2ceaf80c4e9e60db15f6e4_JaffaCakes118
  • Size: 77KB
  • Sample: 240811-b3j6matbld
  • MD5: 888032acfe2ceaf80c4e9e60db15f6e4
  • SHA1: d0769ba51b4a90236c2ab80003bba97fafad2ddb
  • SHA256: c9b8a6a3b09f7ff9c3b49dc69891f94d2fb6e645f4a4c2674ffbdc0de0f51796
  • SHA512: a38a6d8284d7d3f82d29259bcf327b95457c4bcbbebb12caf2823494250b7aa461ac7e87b95a7450c8da534f83dc82350a53c3a8ec987a479f6aad49f8213996
  • SSDEEP: 1536:P2Vu+dSbFTBJRc4gRGUVpZWpsDuPSwteQHBI:uVu+dSbBBLgRGopSeX

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

MIRAI

Targets


    Score
    9/10
    • Contacts a large number (18877) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Deletes itself

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from the /proc virtual filesystem.
