Analysis

  • max time kernel
    0s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf image:debian9-armhf-20240226-en kernel:4.9.0-13-armmp-lpae locale:en-us os:debian-9-armhf system
  • submitted
    05-04-2024 04:36

General

  • Target

    cb01e0e2fdde2cd63336c138b3f8db38_JaffaCakes118

  • Size

    81KB

  • MD5

    cb01e0e2fdde2cd63336c138b3f8db38

  • SHA1

    c38583eee917b08b527fedd7ae48aca1248eadd6

  • SHA256

    1d2eac628d3c3544e3eb9801dbc3a03777383689011e62fb824ca5d13cedb815

  • SHA512

    f3078914a8424766cb3216df54b20c37e42897b3d15a38628554492ac1f63a4fb168eef64d546a24dc7d11b0476ac9edd58d40348bb26af8a99172ae31371979

  • SSDEEP

    1536:uJw/ov6TKGT0aUowLrzY338wCmmpmB5xRQdkAippV25ttr+8zXcAokAja:uJwc3WMKGmAgpV25ttfsAX

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Processes

  • /tmp/cb01e0e2fdde2cd63336c138b3f8db38_JaffaCakes118
    /tmp/cb01e0e2fdde2cd63336c138b3f8db38_JaffaCakes118
    • Deletes itself
    • Modifies Watchdog functionality
    PID:663

Network

MITRE ATT&CK Enterprise v15
