General

  • Target

    b25cab7d300989fdf493cedb50e834e0_JaffaCakes118

  • Size

    66KB

  • Sample

    240821-gvy8gataqd

  • MD5

    b25cab7d300989fdf493cedb50e834e0

  • SHA1

    77b509a609dcfe68ef033a4c61c74d41fe98ddcc

  • SHA256

    23b482417f1786c5b3c17b6a0c0e3ba132fac1d5f69017ab4a986bac7ee706b7

  • SHA512

    678f33ba143308ee57700bc957e22a7d0861406c61d47d27e25d28a72a881a8ba12dd6b0a3cd332da32cfea2e78b6c8a45b905b59b7fb77575d31a98b00a5c0e

  • SSDEEP

    1536:YdpVHQEHtMV+MB3LbL9o0Ps+nnzCkX02azygnCKf5t0b6Sxg/mufsS:mjw5J3HL9BPxnjX0IgCKRt0bfxw/

Score
9/10

Malware Config

Targets

    • Contacts a large (49188) number of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large number of network flows

      This may indicate a network scan to discover remotely running services.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Enumerates active TCP sockets

      Gets active TCP sockets from the /proc virtual filesystem.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

MITRE ATT&CK Enterprise v15

Tasks