Extracted

• • Target

    JaffaCakes118_7a9d83a1af4a72c8f4f3acdfe39e445f

  • Size

    2.7MB

  • MD5

    7a9d83a1af4a72c8f4f3acdfe39e445f

  • SHA1

    93202614e194352633aafe3a4cd46f75aeafe4d6

  • SHA256

    05448a71894d641cfe3c4ad2797077433307ef092d6f3da1082806a129583efb

  • SHA512

    c179295b7825a0fd24dd1fa3f75e7b9081b675ab67fc9d12717ba95a5b6c30d0f246a672b565351469e1672acb260fa8648b3e59d0c0c209c9fb19cff2f07caa

  • SSDEEP

    49152:stm70wqFk+DowagvqTdxi1sK5UGmgck/b5FRGGdLaEF9An2R1yhVf:stm7VQkMZ7gRqUPgcM5FvaqyhVf

  Score

  10^/10

  stealthworkerantivmbotnetdiscoveryexecutionpersistenceprivilege_escalatio

  • StealthWorker

    StealthWorker is golang-based brute force malware.

    botnetstealthworker

  • Stealthworker family

    stealthworker

  • Creates/modifies Cron job

    Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    executionpersistenceprivilege_escalatio
  behavioral1