General

  • Target

    a4648076a359fcdc54ba49fe25513fcd_JaffaCakes118

  • Size

    149KB

  • Sample

    240817-2ez52s1brc

  • MD5

    a4648076a359fcdc54ba49fe25513fcd

  • SHA1

    ea05b6cb884662895b79e0ac081dfa31e14f5be6

  • SHA256

    4582d8151d7f83282065f5a3b91b3fb1852f0e2c65175da72b5ce129006bbe92

  • SHA512

    7158d4b49c91c3e4b068ef342d2ea5e1459c465802e5802829cc222f31c10790795ff735f4b3acc7d2c0a4162a719b23bfaf49396f00f51b47ef26f9e3b6c3a3

  • SSDEEP

    3072:d4CMuNlB8o0Djn7k6JsJGB9mrsplDKZUWQBKXAVanwX+F8JyvsPhLn8YhLJzVfN9:d4CMuNlB8o0Djn7k6J/B9mrsplDKZUW0

Score
10/10

Malware Config

Extracted

Family

mirai

Botnet

LZRD

Targets

    Score
    9/10
    • Contacts a large number (20293) of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from the /proc virtual filesystem.

MITRE ATT&CK Enterprise v15

Tasks