Analysis

  • max time kernel
    148s
  • max time network
    150s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf, image:debian9-armhf-20240226-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    02/04/2024, 08:08

General

  • Target

    871d042a5539279c70edf759b1c3de0d_JaffaCakes118

  • Size

    98KB

  • MD5

    871d042a5539279c70edf759b1c3de0d

  • SHA1

    d2800919c9d8f2ff4517acf5267f3dc5170f6eca

  • SHA256

    d83c7c136fbdc4f3b9f6635d5df46585523f06dfa04e0dc2e6a90c1b17bd6efe

  • SHA512

    3da94e281b77bfcdb5ae5b1001a7b4faa4f85d4f9ebb5752eb69c191f5556f7df71f0da1034e0c761b4a887337457c20c9cd9c6a255520323fd7d5af2ae464bd

  • SSDEEP

    3072:VSx+i6mqaObhNWnPbGnbhdamZuqQ4DPwXXtse:y6mRObnWnPCvamZuqQ4DPwXXtse

Score
6/10

Malware Config

Signatures

  • Reads system routing table (1 TTPs, 1 IoCs)

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration (1 TTPs, 1 IoCs)

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/871d042a5539279c70edf759b1c3de0d_JaffaCakes118
    /tmp/871d042a5539279c70edf759b1c3de0d_JaffaCakes118
    • Reads system routing table
    • Reads system network configuration
    PID:646

Network

        MITRE ATT&CK Enterprise v15
