Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf, image:debian9-armhf-20240226-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    25-04-2024 21:39

General

  • Target

    0020e45d1d6ce43a48e11024e0a46c97_JaffaCakes118

  • Size

    191KB

  • MD5

    0020e45d1d6ce43a48e11024e0a46c97

  • SHA1

    fe5f88fe14735598a8a8a4869ff908654e9e038a

  • SHA256

    a229133e404ea924cf132cff161394e7690e60812aea8531d9460aa26e336fe6

  • SHA512

    73f17250d7fdf779d1e78625f441a929dc2fbb513900b560f65dd45e0f881da3f28abe2a2bfa5e04bcfff0ead49600a0da9209a05478ca1489290079500c88bc

  • SSDEEP

    3072:hjfgX+6k8heok15Th7OweBWvphnfghzamOx4kZdZgG8oiEfdT7kn0FpRD0UWDmtn:h5DpJo1ajxVhgG8SdTJIDmt+SkalkopD

Score
6/10

Malware Config

Signatures

  • Enumerates active TCP sockets (1 TTP, 1 IoC)

    Gets active TCP sockets from /proc virtual filesystem.

  • Reads system network configuration (1 TTP, 1 IoC)

    Uses contents of /proc filesystem to enumerate network settings.

  • Reads runtime system information (2 IoCs)

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/0020e45d1d6ce43a48e11024e0a46c97_JaffaCakes118
    /tmp/0020e45d1d6ce43a48e11024e0a46c97_JaffaCakes118
    • Enumerates active TCP sockets
    • Reads system network configuration
    • Reads runtime system information
    PID:655

Network

MITRE ATT&CK Enterprise v15
