Analysis
max time kernel: 145s
max time network: 146s
platform: debian-9_mips
resource: debian9-mipsbe-20240226-en
resource tags: arch:mips, image:debian9-mipsbe-20240226-en, kernel:4.9.0-13-4kc-malta, locale:en-us, os:debian-9-mips, system
submitted: 02/04/2024, 01:15
Behavioral task: behavioral1
Sample: 7f8e3d835f2e9717a640757be0c2e8cf_JaffaCakes118
Resource: debian9-mipsbe-20240226-en
3 signatures
150 seconds
General
Target: 7f8e3d835f2e9717a640757be0c2e8cf_JaffaCakes118
Size: 170KB
MD5: 7f8e3d835f2e9717a640757be0c2e8cf
SHA1: 5125e47272afda24cee684bc46f8abf00218ef38
SHA256: fd0bf1580ee8f50158726486fd490985d04f7b56b5eda9d6ed2720340fcd523c
SHA512: 04bcfb291f5f0aa7d6bb06c89ce156f49e6022e9e60296cac96d68ec5cd3219df44d2afec3624b34920a8fb02907bba7e1b63951afb802cedd02fdc3db409a3b
SSDEEP: 3072:lVS8+TeVpTG0WntEN3Cw6L0+iQm4inOSrldQnq2Z4c2bO:LStgptCp/EKSrldQnq2Z4c2bO
Score: 7/10
Malware Config
Signatures
Changes its process name (1 IoCs)
  description: Changes the process name, possibly in an attempt to hide itself
  ioc: sshd
  pid: 715
  Process: 7f8e3d835f2e9717a640757be0c2e8cf_JaffaCakes118

Reads system routing table (1 TTPs, 1 IoCs)
Gets active network interfaces from /proc virtual filesystem.
  description: File opened for reading
  ioc: /proc/net/route
  Process: 7f8e3d835f2e9717a640757be0c2e8cf_JaffaCakes118

Reads system network configuration (1 TTPs, 1 IoCs)
Uses contents of /proc filesystem to enumerate network settings.
  description: File opened for reading
  ioc: /proc/net/route
  Process: 7f8e3d835f2e9717a640757be0c2e8cf_JaffaCakes118