General
-
Target
d6f06be6d4ba2b9b428049bdd14058b4_JaffaCakes118
-
Size
753KB
-
Sample
240909-xyldsavemq
-
MD5
d6f06be6d4ba2b9b428049bdd14058b4
-
SHA1
965408f5670ae8f62db3b9ce0188f6f528b0b5cc
-
SHA256
d76164cbced34e333a1d66c9ed7d826c62d49df4590c6bbc8bf86d4e5aad0ab5
-
SHA512
ead59c7d24eb0a7d09a49fcae29c6f8198d7675cb5a2dcfd9e21ae29ddafde5be94a660d128d4afd8b2ffca09bc24a19893d46cc69f82de7441e8dc50a1e39ee
-
SSDEEP
12288:Fdg5Rhlwh4z3meX6TRHMJ6xPuO5oIkPxvlYLWbKRT4k0PnYNEwMuxyXuKkMmweNz:FdgrhlwhY3meXoJn1aPxvK0k0PYN7MJ4
Malware Config
Targets
-
-
Target
d6f06be6d4ba2b9b428049bdd14058b4_JaffaCakes118
-
Size
753KB
-
MD5
d6f06be6d4ba2b9b428049bdd14058b4
-
SHA1
965408f5670ae8f62db3b9ce0188f6f528b0b5cc
-
SHA256
d76164cbced34e333a1d66c9ed7d826c62d49df4590c6bbc8bf86d4e5aad0ab5
-
SHA512
ead59c7d24eb0a7d09a49fcae29c6f8198d7675cb5a2dcfd9e21ae29ddafde5be94a660d128d4afd8b2ffca09bc24a19893d46cc69f82de7441e8dc50a1e39ee
-
SSDEEP
12288:Fdg5Rhlwh4z3meX6TRHMJ6xPuO5oIkPxvlYLWbKRT4k0PnYNEwMuxyXuKkMmweNz:FdgrhlwhY3meXoJn1aPxvK0k0PYN7MJ4
Score7/10-
Deletes system logs
Deletes log file which contains global system messages. Adversaries may delete system logs to minimize their footprint.
-
Loads a kernel module
Loads a Linux kernel module, potentially to achieve persistence
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-