Analysis

  • max time kernel
    0s
  • max time network
    131s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240226-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu1804-amd64-20240226-en, kernel:4.15.0-213-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    16/04/2024, 12:52

General

  • Target

    f387e97c2f154d562c3b97c9b729ca35_JaffaCakes118

  • Size

    151KB

  • MD5

    f387e97c2f154d562c3b97c9b729ca35

  • SHA1

    90b098107c58c08d0fc1a63e48735f5317e77960

  • SHA256

    083dcaa9fa1cdcb0df5a3308baedc4955eb8b8a901080c7cb938b1f0f1a0afaa

  • SHA512

    b68fce7e6e6fb1c420891dba7d6a2a12f1c0b5d5f5f98ff18efec5136f0136212d8947dd3c5f781fc2a8809c30d546097a27e1d5b7f737d06f3fe0f69a815348

  • SSDEEP

    3072:4QqD9e9a7UUMmAG5OK75qPiVo7SKL2MwqfaGemNUgGyF59Uy9hw8WxjV6:sI9a75dx0aVdEwAaENUfqL6A

Score
7/10

Malware Config

Signatures

  • Changes its process name 1 IoCs
  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/f387e97c2f154d562c3b97c9b729ca35_JaffaCakes118
    /tmp/f387e97c2f154d562c3b97c9b729ca35_JaffaCakes118
    • Changes its process name
    • Reads runtime system information
    • Writes file to tmp directory
    PID:1571

Network

MITRE ATT&CK Matrix
