Extracted

• • Target

    a866a398d9da4d44935205a4453873e5_JaffaCakes118

  • Size

    77KB

  • MD5

    a866a398d9da4d44935205a4453873e5

  • SHA1

    463604522fe1f6a686c2e4b40899d7a1fe8a6d70

  • SHA256

    b40447137e93476090160e8d1b8bd5dbb35d538b8c0e4aa7bafc96b1c02e9885

  • SHA512

    576edbd7f2f33d58d99bc889b10c9882e4eea13aef82c167bec66c32228bb36702a2f199060c2ace997ee794ed3dd11f5662e6ac96ee548338a7e999de455c40

  • SSDEEP

    1536:ZELNXCoctMwWQY59qaRZg3wxyt9HuXXS0l4Sjz3PN6RO7fid1YFqo:CJ7ctMw1m/K3wxlZ4SjzPu/zo

  Score

  9^/10

  discovery

  • Contacts a large (6720) amount of remote hosts

    This may indicate a network scan to discover remotely running services.

    discovery

  • Modifies Watchdog functionality

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Creates a large amount of network flows

    This may indicate a network scan to discover remotely running services.

    discovery

  • Enumerates active TCP sockets

    Gets active TCP sockets from /proc virtual filesystem.

  behavioral1