Analysis

  • max time kernel
    147s
  • max time network
    153s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20240226-en
  • resource tags

    arch:mipselimage:debian9-mipsel-20240226-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    21-04-2024 10:53

General

  • Target

    ff1de24ca3b9518e6971a9bf80f59396_JaffaCakes118

  • Size

    140KB

  • MD5

    ff1de24ca3b9518e6971a9bf80f59396

  • SHA1

    d73abc6947d0e5b241aa664b008c2ae567bf8307

  • SHA256

    027d638335e1a5df07ba064c74d5331acbabbe513ce71c5a09e35ad67be77d84

  • SHA512

    c20a1e87b70aba22446466fa44b498df97df318ff31ec4ef51e45c86c5795b20d2ac8c5ef5121127486dc3543563c1fabfbde804daf6ad76f8bfd75acddd3e7a

  • SSDEEP

    1536:7dUv7FP1WEmove9h7nEqJ4xPHbgM+XC7tY2Xk4xppppppppvpsTH/KzwyM:7mv7FhveLjNM2C7clfKrM

Score
6/10

Malware Config

Signatures

  • Enumerates active TCP sockets 1 TTPs 1 IoCs

    Gets active TCP sockets from /proc virtual filesystem.

  • Changes its process name 1 IoCs
  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

  • Reads runtime system information 13 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/ff1de24ca3b9518e6971a9bf80f59396_JaffaCakes118
    /tmp/ff1de24ca3b9518e6971a9bf80f59396_JaffaCakes118
    1⤵
    • Enumerates active TCP sockets
    • Changes its process name
    • Reads system network configuration
    • Reads runtime system information
    PID:708

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads