Analysis
-
max time kernel
120s -
max time network
131s -
platform
ubuntu-20.04_amd64 -
resource
ubuntu2004-amd64-20240221-en -
resource tags
arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system -
submitted
29/03/2024, 15:52
Behavioral task
behavioral1
Sample
2619632872a7acd190bc2a02faedcce1_JaffaCakes118
Resource
ubuntu2004-amd64-20240221-en
3 signatures
150 seconds
General
-
Target
2619632872a7acd190bc2a02faedcce1_JaffaCakes118
-
Size
118KB
-
MD5
2619632872a7acd190bc2a02faedcce1
-
SHA1
b259c40ff9f016baca07df420e50ada3a7c64f8c
-
SHA256
e2c94cfbf6e7e6f86ae46ed68809626d81f3e87846ab23de82706a0c088097e5
-
SHA512
26fed6c632b41122dee3069334b039a304848822c4c68a808e0c2e62940c1bb1010fdad033e6d5229e55dc993eb0d73cbb6160e82d97f311dbd95064959484af
-
SSDEEP
3072:kOdZ5l8YKgfhCsBiHetJ8add9QzTsQvzUYgt4mKcXeGcgqqi:nl8eEYiHetJ8addQXQt4mKcXdcgqqi
Score
7/10
Malware Config
Signatures
-
Changes its process name 1 IoCs
description pid Process Changes the process name, possibly in an attempt to hide itself 1479 2619632872a7acd190bc2a02faedcce1_JaffaCakes118 -
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
description ioc Process File opened for reading /proc/net/route 2619632872a7acd190bc2a02faedcce1_JaffaCakes118 -
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
description ioc Process File opened for reading /proc/net/route 2619632872a7acd190bc2a02faedcce1_JaffaCakes118