Analysis

  • max time kernel
    120s
  • max time network
    66s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags
    arch:armhf, image:debian9-armhf-20240226-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    17-04-2024 16:08

General

  • Target

    f628f663871689fb277a83544cc9a798_JaffaCakes118

  • Size

    4.5MB

  • MD5

    f628f663871689fb277a83544cc9a798

  • SHA1

    52291b1660e73d69ca84175735d49a2b3d771845

  • SHA256

    6df0897d4eb0826c47850968708143ecb9b58a0f3453caa615c0f62396ef816b

  • SHA512

    b3862ee9e3bec9a43ff9fd20b36503969726e0f4dc2be1fbe35df6e744d09e36bb7fbc50ba665a9bff4cd9e38533fb55cd4385f3e139273ab1bfc592c2692b8f

  • SSDEEP

    49152:CG0/KH36oVa4T3lq6e3kUw2PuWD4jOlTv3FKuAb7/C:F0/u3lVF7U6UTQ/C

Score
3/10

Malware Config

Signatures

  • Enumerates kernel/hardware configuration (1 TTP, 1 IoC)

    Reads contents of /sys virtual filesystem to enumerate system information.

  • Writes file to tmp directory (1 IoC)

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/f628f663871689fb277a83544cc9a798_JaffaCakes118
    Command line: /tmp/f628f663871689fb277a83544cc9a798_JaffaCakes118
    • Enumerates kernel/hardware configuration
    • Writes file to tmp directory
    PID: 640

Network

MITRE ATT&CK Enterprise v15
