Analysis
-
max time network
155s -
platform
debian-12_armhf -
resource
debian12-armhf-20240221-en -
resource tags
arch:armhf, image:debian12-armhf-20240221-en, kernel:6.1.0-17-armmp-lpae, locale:en-us, os:debian-12-armhf, system -
submitted
19/04/2024, 01:22
Static task
static1
Behavioral task
behavioral1
Sample
f931672ea333f80c3560d3b70951159d_JaffaCakes118
Resource
debian12-armhf-20240221-en
1 signatures
150 seconds
General
-
Target
f931672ea333f80c3560d3b70951159d_JaffaCakes118
-
Size
84KB
-
MD5
f931672ea333f80c3560d3b70951159d
-
SHA1
248bcd44d8a4536628c4f158b9b4396de52e3707
-
SHA256
be8f5c0f3b42589b573d91cec71965f13a461a8fbc09021d9cb065de41ee1bcf
-
SHA512
1316386afcba7af2599c2f216c58ccbe04a959970095b942dd67e8aa2791d3e8262c4e12c4a5cae01290c6cefefeac801e16b9648d8232c6c30809c2e9662bd2
-
SSDEEP
1536:kOn8/2zo+fXlGCeTkL3RRDR5KKYi2VICiPequXBzfKMYvx3fOyURgdG6efYIhBAG:e2zo+fXlGCeTkL3RRD3YePe5TJgdGffZ
Score
7/10
Malware Config
Signatures
-
Unexpected DNS network traffic destination 35 IoCs
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
description ioc Destination IP 1.0.0.1