Overview

overview

10

Static

static

10

b10e191e77...kes118

ubuntu-22.04-amd64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b10e191e774b234f6e11b8b2d0f25a9b_JaffaCakes118

  • Size

    61KB

  • Sample

    240820-17qxeazeqp

  • MD5

    b10e191e774b234f6e11b8b2d0f25a9b

  • SHA1

    89056d95ba9fc7a9b6f6f7dfdcd99ee75bb8c743

  • SHA256

    860451cd4eb016b4668a9c028f9abd2b4608076774d64f3df49c821c8a91fdc5

  • SHA512

    5c4a7c3cd496488f8add37d6958e0e4986489d68177e02decc7da01f6a7080991f7c9ae5aa8391f87d34debf029b5602b743273e422fdffc071dcbf04eb70138

  • SSDEEP

    1536:MHbMNeNLhesQ5/Ili4OwY3SAA3QFXrwMtxqUAxxf1:SIIosQqli4OwYiWXrwMtkUAxp1

Score
10/10
miraidiscoverylinux

Malware Config

Targets

    • Target

      b10e191e774b234f6e11b8b2d0f25a9b_JaffaCakes118

    • Size

      61KB

    • MD5

      b10e191e774b234f6e11b8b2d0f25a9b

    • SHA1

      89056d95ba9fc7a9b6f6f7dfdcd99ee75bb8c743

    • SHA256

      860451cd4eb016b4668a9c028f9abd2b4608076774d64f3df49c821c8a91fdc5

    • SHA512

      5c4a7c3cd496488f8add37d6958e0e4986489d68177e02decc7da01f6a7080991f7c9ae5aa8391f87d34debf029b5602b743273e422fdffc071dcbf04eb70138

    • SSDEEP

      1536:MHbMNeNLhesQ5/Ili4OwY3SAA3QFXrwMtxqUAxxf1:SIIosQqli4OwYiWXrwMtkUAxp1

    Score
    9/10
    discovery

    • Contacts a large (9279) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Deletes itself

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Enumerates active TCP sockets

      Gets active TCP sockets from /proc virtual filesystem.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks