Analysis
-
max time kernel
148s -
max time network
150s -
platform
debian-9_armhf -
resource
debian9-armhf-20240226-en -
resource tags
arch:armhfimage:debian9-armhf-20240226-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem -
submitted
02/04/2024, 08:08
Behavioral task
behavioral1
Sample
871d042a5539279c70edf759b1c3de0d_JaffaCakes118
Resource
debian9-armhf-20240226-en
2 signatures
150 seconds
General
-
Target
871d042a5539279c70edf759b1c3de0d_JaffaCakes118
-
Size
98KB
-
MD5
871d042a5539279c70edf759b1c3de0d
-
SHA1
d2800919c9d8f2ff4517acf5267f3dc5170f6eca
-
SHA256
d83c7c136fbdc4f3b9f6635d5df46585523f06dfa04e0dc2e6a90c1b17bd6efe
-
SHA512
3da94e281b77bfcdb5ae5b1001a7b4faa4f85d4f9ebb5752eb69c191f5556f7df71f0da1034e0c761b4a887337457c20c9cd9c6a255520323fd7d5af2ae464bd
-
SSDEEP
3072:VSx+i6mqaObhNWnPbGnbhdamZuqQ4DPwXXtse:y6mRObnWnPCvamZuqQ4DPwXXtse
Score
6/10
Malware Config
Signatures
-
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
description ioc Process File opened for reading /proc/net/route 871d042a5539279c70edf759b1c3de0d_JaffaCakes118 -
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
description ioc Process File opened for reading /proc/net/route 871d042a5539279c70edf759b1c3de0d_JaffaCakes118