Analysis
-
max time kernel
120s -
max time network
134s -
platform
ubuntu-20.04_amd64 -
resource
ubuntu2004-amd64-20240221-en -
resource tags
arch:amd64arch:i386image:ubuntu2004-amd64-20240221-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system -
submitted
18-04-2024 12:14
Behavioral task
behavioral1
Sample
f7f82b546377bb7cacb87b03220a8f8b_JaffaCakes118
Resource
ubuntu2004-amd64-20240221-en
ubuntu-20.04-amd64
2 signatures
150 seconds
General
-
Target
f7f82b546377bb7cacb87b03220a8f8b_JaffaCakes118
-
Size
4.5MB
-
MD5
f7f82b546377bb7cacb87b03220a8f8b
-
SHA1
8c634b67265ddf7ea86cb6e4f3a29d8e97ddf5ad
-
SHA256
3c533054390bc2d04ba96089302170a806c5cdb624536037a38c9ecb5aeea75d
-
SHA512
8133c2f2702dc53f06cee8618bf7e429fa5620210fafb8c860cacfd4bbbabcd84aca469c74eb81c4be3400850c4e14805525a7771e5fe0b9b65a748fae18154b
-
SSDEEP
49152:/SPyBuRkzNsX9+jNEmVzTEW9teAbkc3UhrLcKtsqUE/HLGesPf8ISlVkdkotlsqq:PdDNEYEikcurYKKqlLlsNP/i
Score
3/10
Malware Config
Signatures
-
Enumerates kernel/hardware configuration 1 TTPs 1 IoCs
Reads contents of /sys virtual filesystem to enumerate system information.
description ioc Process File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size f7f82b546377bb7cacb87b03220a8f8b_JaffaCakes118 -
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
description ioc Process File opened for modification /tmp/f7f82b546377bb7cacb87b03220a8f8b_JaffaCakes118.pid f7f82b546377bb7cacb87b03220a8f8b_JaffaCakes118