General
-
Target
b90f98a1de56b02687d6b719646ce12a_JaffaCakes118
-
Size
544KB
-
Sample
240822-zckapswgjg
-
MD5
b90f98a1de56b02687d6b719646ce12a
-
SHA1
e2cd4662a8885a350dcb5c0ea38e7ee377cd3aff
-
SHA256
6814a4bbe0b6078dc04a4144e8017a50c3a453793e01cb3ae3440c575876ba6a
-
SHA512
e5fab8a263ec7ed03ee4b5d110aa8e2985dcc81691cb2939830df0b472c2a4b0d4c7e524bccaf0a111211d150eff8711807a9787c4bd23677d4529340fff6db0
-
SSDEEP
12288:dMt0ECI+AnmBeGHOkVZAG2/2//PXaIWtpm6y92u:atPCIN7G/VZAp/2//fa7po
Malware Config
Extracted
xorddos
-
crc_polynomial
CDB88320
Targets
-
-
Target
b90f98a1de56b02687d6b719646ce12a_JaffaCakes118
-
Size
544KB
-
MD5
b90f98a1de56b02687d6b719646ce12a
-
SHA1
e2cd4662a8885a350dcb5c0ea38e7ee377cd3aff
-
SHA256
6814a4bbe0b6078dc04a4144e8017a50c3a453793e01cb3ae3440c575876ba6a
-
SHA512
e5fab8a263ec7ed03ee4b5d110aa8e2985dcc81691cb2939830df0b472c2a4b0d4c7e524bccaf0a111211d150eff8711807a9787c4bd23677d4529340fff6db0
-
SSDEEP
12288:dMt0ECI+AnmBeGHOkVZAG2/2//PXaIWtpm6y92u:atPCIN7G/VZAp/2//fa7po
Score10/10-
XorDDoS
Botnet and downloader malware targeting Linux-based operating systems and IoT devices.
-
XorDDoS payload
-
Writes memory of remote process
-
Loads a kernel module
Loads a Linux kernel module, potentially to achieve persistence
-