General
-
Target
c1ec720ad4e847ff37bfdcebbe5b30df_JaffaCakes118
-
Size
611KB
-
Sample
240826-aygdhavcka
-
MD5
c1ec720ad4e847ff37bfdcebbe5b30df
-
SHA1
30fd7c4761351e2c81dfe79ca26b661014f3b64f
-
SHA256
f8a2c1ff8d2a8f29181c8d3dd22fce6770522c5453efee8ec1ecd3ba0e54407f
-
SHA512
b5ba20ea664fc035e6d4ace155ad45ccd94b6bfdb24180aa8f3f3105bfc9bc2ad65d68b352f3b64ff7bede0fc066741b5fd52de8162d8632b473a3c67315767e
-
SSDEEP
12288:FBXOvdwV1/n/dQFhWlH/c1dHo4h9L+zNZrrRT6yF8EEP4UlUuTh1AG:FBXmkN/+Fhu/Qo4h9L+zNNRBVEBl/91h
Behavioral task
behavioral1
Sample
c1ec720ad4e847ff37bfdcebbe5b30df_JaffaCakes118
Resource
ubuntu2404-amd64-20240523-en
Malware Config
Extracted
xorddos
http://www.gzcfr5axf6.com/config.rar
bbb.wordpressau.com:3006
-
crc_polynomial
EDB88320
Targets
-
-
Target
c1ec720ad4e847ff37bfdcebbe5b30df_JaffaCakes118
-
Score
10/10
-
XorDDoS
Botnet and downloader malware targeting Linux-based operating systems and IoT devices.
-
XorDDoS payload
-
Writes memory of remote process
-