bfd5ae94e2be72ddd77a1b42bd3f56d9a45896bc08a3aeed3503757407b9a4a6 | Triage

Submit
Reports

Overview

overview

Static

static

0cfb0ba967...kes118

debian-12-armhf

9

Analysis

max time network
153s
platform
debian-12_armhf
resource
debian12-armhf-20240221-en
resource tags

arch:armhfimage:debian12-armhf-20240221-enkernel:6.1.0-17-armmp-lpaelocale:en-usos:debian-12-armhfsystem
submitted
02-05-2024 00:29

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0cfb0ba967fee0b3b36b7a5806e3a238_JaffaCakes118

Resource

debian12-armhf-20240221-en

debian-12-armhf

2 signatures

150 seconds

Report Analysis Logs

General

Target

0cfb0ba967fee0b3b36b7a5806e3a238_JaffaCakes118
Size

148KB
MD5

0cfb0ba967fee0b3b36b7a5806e3a238
SHA1

8e735ad97f5f9aec1677ab75ed609685c0ace2bc
SHA256

bfd5ae94e2be72ddd77a1b42bd3f56d9a45896bc08a3aeed3503757407b9a4a6
SHA512

8bfb38165d6ee5aedec775ca298658a7387202e2066921625b4ef7e42bad0015ed59cabbb97eed0a8e54dfce42e7138d84db617c37d3a7aa83413b13c8feb03b
SSDEEP

3072:t1a5fdUEjnBGrYkRaaWgV9mrsplDKZUmQBKXAVanlX+F8JyvG4hLnAVIl+3jJNx1:tc5f2EjnBGrYkRaaLV9mrsplDKZUmQB2

Score

9^/10

discovery

Malware Config

Signatures

Contacts a large (20782) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046

Processes

Network

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2024

Terms | Privacy