General
-
Target
f97ffb8896fd6f6ce7a605a8b3324ae9_JaffaCakes118
-
Size
140KB
-
Sample
241218-bddmjsvrby
-
MD5
f97ffb8896fd6f6ce7a605a8b3324ae9
-
SHA1
e88b7423e1692885ccd8fd0eb0d3f803c5f088d3
-
SHA256
45fa5f05d85fdcf3fdfe4be2698c7af2f8d7d3db0951a72898bb384c0208cefb
-
SHA512
0ae80f4a751c455789ff0f6151d721e75c2ed019fff26f35ab9f739ca2a20f0fbdf56a0db7bb2a777a36667243459a2d45b59d4b39e9f1c054b46f74294613d2
-
SSDEEP
3072:VYbSBRRYlfDsajlYqN3032IK4px3X4jj3CPazWZSM/98/r:abqRefDsskRK4px3XKjEazZM/98/r
Behavioral task
behavioral1
Sample
f97ffb8896fd6f6ce7a605a8b3324ae9_JaffaCakes118
Resource
debian12-armhf-20240221-en
Malware Config
Targets
Score
9/10
-
Contacts a large (23841) amount of remote hosts
This may indicate a network scan to discover remotely running services.
-
Creates a large amount of network flows
This may indicate a network scan to discover remotely running services.
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Reads process memory
Read the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.
-