General
-
Target
a99c10cb9713770b9e7dda376cddee3a_JaffaCakes118
-
Size
611KB
-
Sample
240819-e8meqavbka
-
MD5
a99c10cb9713770b9e7dda376cddee3a
-
SHA1
1f1dd4d74eba8949fb1d2316c13f77b3ffa96f98
-
SHA256
92a260d856e00056469fb26f5305a37f6ab443d735d1476281b053b10b3c4f86
-
SHA512
1d410a7259469a16a1599fb28cb7cd82813270a112055e4fbe28327735a2968affbfdcba0a2001d504919e5ef3b271f40c45da6291be9c5f97c278418b241b79
-
SSDEEP
12288:UB1tATMVAqnf+ExxBHYpmA38X8LYkCW6TiOx6yB1/iGK4UlUuTh1AG:UB1BVpmExDYp38X8LYTWhOfNiGQl/91h
Behavioral task
behavioral1
Sample
a99c10cb9713770b9e7dda376cddee3a_JaffaCakes118
Resource
ubuntu2404-amd64-20240523-en
Malware Config
Extracted
xorddos
http://aa.hostasa.org/game.rar
ns3.hostasa.org:3308
ns4.hostasa.org:3308
ns1.hostasa.org:3308
ns2.hostasa.org:3308
-
crc_polynomial
EDB88320
Targets
-
-
Target
a99c10cb9713770b9e7dda376cddee3a_JaffaCakes118
-
Size
611KB
-
MD5
a99c10cb9713770b9e7dda376cddee3a
-
SHA1
1f1dd4d74eba8949fb1d2316c13f77b3ffa96f98
-
SHA256
92a260d856e00056469fb26f5305a37f6ab443d735d1476281b053b10b3c4f86
-
SHA512
1d410a7259469a16a1599fb28cb7cd82813270a112055e4fbe28327735a2968affbfdcba0a2001d504919e5ef3b271f40c45da6291be9c5f97c278418b241b79
-
SSDEEP
12288:UB1tATMVAqnf+ExxBHYpmA38X8LYkCW6TiOx6yB1/iGK4UlUuTh1AG:UB1BVpmExDYp38X8LYTWhOfNiGQl/91h
Score10/10-
XorDDoS
Botnet and downloader malware targeting Linux-based operating systems and IoT devices.
-
XorDDoS payload
-
Writes memory of remote process
-