14e58352c5dedf1c414b028a77e2e40608f369f33d8db539df91fbea0c2cbe73 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

1

2f797eb23d...kes118

debian-12-mipsel

9

Sharing

General

Target

2f797eb23d0d605725987c69580725a4_JaffaCakes118
Size

54KB
Sample

241009-mhvbmstgmg
MD5

2f797eb23d0d605725987c69580725a4
SHA1

1e3db0bb2de4e40718472ddf855d0b83e21531c8
SHA256

14e58352c5dedf1c414b028a77e2e40608f369f33d8db539df91fbea0c2cbe73
SHA512

0808b3bd8aa10689ec9f66be6ad0e4d75e743b729496edad00b823f81d64902560e7de148e6b7ca241b87d9d89895bc73ace391fb0804d18a997e3129dd66946
SSDEEP

768:T/vHh/qm0JrU72GjaxDePepheXXoAjw7Y/Yg0Y43Xigck0JfhKpDSKxIYK:VcVU6ZKkhsCkAg0XF0Jfe

Score

9^/10

defense_evasion discovery

Static task

static1

Behavioral task

behavioral1

Sample

2f797eb23d0d605725987c69580725a4_JaffaCakes118

Resource

debian12-mipsel-20240221-en

defense_evasion discovery

debian-12-mipsel

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  2f797eb23d0d605725987c69580725a4_JaffaCakes118
- Size
  
  54KB
- MD5
  
  2f797eb23d0d605725987c69580725a4
- SHA1
  
  1e3db0bb2de4e40718472ddf855d0b83e21531c8
- SHA256
  
  14e58352c5dedf1c414b028a77e2e40608f369f33d8db539df91fbea0c2cbe73
- SHA512
  
  0808b3bd8aa10689ec9f66be6ad0e4d75e743b729496edad00b823f81d64902560e7de148e6b7ca241b87d9d89895bc73ace391fb0804d18a997e3129dd66946
- SSDEEP
  
  768:T/vHh/qm0JrU72GjaxDePepheXXoAjw7Y/Yg0Y43Xigck0JfhKpDSKxIYK:VcVU6ZKkhsCkAg0XF0Jfe
Score

9^/10

defense_evasion discovery
- Contacts a large (49254) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2025

Terms | Privacy