Analysis

  • max time kernel
    145s
  • max time network
    146s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240226-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    02/04/2024, 03:18

General

  • Target

    822f679ccf698fd894bcc5c8d711fda0_JaffaCakes118

  • Size

    156KB

  • MD5

    822f679ccf698fd894bcc5c8d711fda0

  • SHA1

    52b31bf31da710124d2e43145eeea565674c9cc3

  • SHA256

    de193aae9ea6d7b04083a175945d52d56b9a4ad25da834cb3a6ecb604749a59e

  • SHA512

    af3d067c73203f5a396cc46587d05333ff72ab2fc53c5fabe7a7925336dcb184b8ba259dc2cec8eb440f48191d2eac0f7a2b7ba928af7b5da689df368784c1b8

  • SSDEEP

    3072:T1g2/eINNlzx2kkQCMOaQcvBFYnyLRM/9zXwmFwfBxKQodn:hg2hNNlzIkk/MOa/TYnydM/9cmFwfBxE

Score
6/10

Malware Config

Signatures

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/822f679ccf698fd894bcc5c8d711fda0_JaffaCakes118
    /tmp/822f679ccf698fd894bcc5c8d711fda0_JaffaCakes118
    1⤵
    • Reads system routing table
    • Reads system network configuration
    PID:654

Network

        MITRE ATT&CK Enterprise v15

        Replay Monitor

        Loading Replay Monitor...

        Downloads