General
-
Target
426e7f898a0e0a9ccff6fd922a28c652_JaffaCakes118
-
Size
33KB
-
Sample
241014-p3llcawdqe
-
MD5
426e7f898a0e0a9ccff6fd922a28c652
-
SHA1
77f7973464b13deab5be6ea3036adef18176bacb
-
SHA256
94ae9b29d3ea02cbe824295642c9f7a6206ebd7cca74050e697943f05d0b8407
-
SHA512
0f96e3799c6623ad63c69d319270931f305354d808a5bcca544f905a925e8720a6f28d5508fe659a101d1f2929122d8c96cf14d674a0ce9cbb4e631e98617c5a
-
SSDEEP
768:tKk1/sOmVkXeCFbQwHk3gCb2JBD0SKSq6bi0YV:tp1/BPHk34XRKSFbiR
Static task
static1
Behavioral task
behavioral1
Sample
426e7f898a0e0a9ccff6fd922a28c652_JaffaCakes118
Resource
ubuntu1804-amd64-20240611-en
Malware Config
Targets
-
-
Target
426e7f898a0e0a9ccff6fd922a28c652_JaffaCakes118
-
Score
7/10
-
Deletes itself
-
Unexpected DNS network traffic destination
Network traffic to servers other than the configured DNS servers was detected on the DNS port.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Reads process memory
Reads the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
-