96b1a55731ca9222e1e16e00675920e582bf463a7f39718ea9a892a5efe7fe0e

Analysis

max time kernel
149s
max time network
149s
platform
ubuntu-18.04_amd64
resource
ubuntu1804-amd64-20240226-en
resource tags

arch:amd64arch:i386image:ubuntu1804-amd64-20240226-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
submitted
26-04-2024 19:19

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

017adf275b98db7fee280b9c9d9aba97_JaffaCakes118
Size

64KB
MD5

017adf275b98db7fee280b9c9d9aba97
SHA1

675de2b9156227de294e37cc18a0e9c7296ad727
SHA256

96b1a55731ca9222e1e16e00675920e582bf463a7f39718ea9a892a5efe7fe0e
SHA512

dcfd60ce752b4c1b0f56d367691d8c941dec6b484ef1eadec3cf342de92687e4e1c79b7e1af3fa848b8ad6689b1e6a31c3500a82fe143ca2e5c5890557809032
SSDEEP

768:SK1SaASLCOtGQf+D2K2Y4fPyJbPbQBwRnEHsPdIjqIu33kUqiQgYRQ3ClsI8N:j1Sa9V+GY4yWKRnEZjq6UYHG3Esr

Score

9^/10

discovery

Malware Config

Signatures

Contacts a large (37867) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	017adf275b98db7fee280b9c9d9aba97_JaffaCakes118

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

System Network Configuration Discovery

T1016

description	ioc	Process
File opened for reading	/proc/net/route	017adf275b98db7fee280b9c9d9aba97_JaffaCakes118

/tmp/017adf275b98db7fee280b9c9d9aba97_JaffaCakes118
/tmp/017adf275b98db7fee280b9c9d9aba97_JaffaCakes118
1⤵
- Reads system routing table
- Reads system network configuration
PID:1577

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

T1046

System Network Configuration Discovery

T1016

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads