9839c4792a47b4d60e6da7ea4739c79ea3197156d2240444e73d5af94d01e475 | Triage

Sharing

General

Target

f698388cc1552f4dd7f8eee327f82780_JaffaCakes118
Size

72KB
Sample

240925-wy65tazdrq
MD5

f698388cc1552f4dd7f8eee327f82780
SHA1

bad0892a8edfdfdf069308e0277749965acf6994
SHA256

9839c4792a47b4d60e6da7ea4739c79ea3197156d2240444e73d5af94d01e475
SHA512

c582a907ab8981160cb44d621768d3acc7e2fea9fed53bb17c3be2e9ead2b46eb83227b5191155c7b07cc12155ce077919fc18448d62ae8bc5c1d83d0f08826d
SSDEEP

1536:LJCaWbNSwUdctHB2QvoBlSdcLKx7ya5/tEmZd:LJCa4SwUdSHBCBlic2x7yIb

Score

7^/10

defense_evasion discovery linux

Malware Config

Targets

- Target
  
  f698388cc1552f4dd7f8eee327f82780_JaffaCakes118
- Size
  
  72KB
- MD5
  
  f698388cc1552f4dd7f8eee327f82780
- SHA1
  
  bad0892a8edfdfdf069308e0277749965acf6994
- SHA256
  
  9839c4792a47b4d60e6da7ea4739c79ea3197156d2240444e73d5af94d01e475
- SHA512
  
  c582a907ab8981160cb44d621768d3acc7e2fea9fed53bb17c3be2e9ead2b46eb83227b5191155c7b07cc12155ce077919fc18448d62ae8bc5c1d83d0f08826d
- SSDEEP
  
  1536:LJCaWbNSwUdctHB2QvoBlSdcLKx7ya5/tEmZd:LJCa4SwUdSHBCBlic2x7yIb
Score

7^/10

defense_evasion discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery