4396e6674fcde3df230b545d4a0c7a6e4b78505523d233652891ae1e172e574f

Resubmissions

16-05-2024 08:19

240516-j7729abg5v 10

16-05-2024 05:32

240516-f79z3aed68 10

Analysis

max time kernel
1s
max time network
133s
platform
ubuntu-20.04_amd64
resource
ubuntu2004-amd64-20240508-en
resource tags

arch:amd64arch:i386image:ubuntu2004-amd64-20240508-enkernel:5.4.0-169-genericlocale:en-usos:ubuntu-20.04-amd64system
submitted
16-05-2024 05:32

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

499b5cb1af9ebf0b1ccaeb3c38c8265f_JaffaCakes118
Size

54KB
MD5

499b5cb1af9ebf0b1ccaeb3c38c8265f
SHA1

291fdc2aaa136b1834d2e83218b7cd08fd9a37b0
SHA256

4396e6674fcde3df230b545d4a0c7a6e4b78505523d233652891ae1e172e574f
SHA512

8ad86fbaa1c6f6f1eade04d10c10c78d7f83118c03ea4afe22dce3acde77bad9172d059eb0645987ac94bd163c2da45a5702ac3544cccb8374769862983297e2
SSDEEP

1536:CRJwTcp2PZCTQg7csAeoAFWL4c4owjMI:SwTo2PZCLQ9YFWUc4zg

Score

7^/10

Malware Config

Signatures

Deletes itself 1 IoCs

Processes:

499b5cb1af9ebf0b1ccaeb3c38c8265f_JaffaCakes118

pid process

1393 499b5cb1af9ebf0b1ccaeb3c38c8265f_JaffaCakes118

pid	process
1393	499b5cb1af9ebf0b1ccaeb3c38c8265f_JaffaCakes118

Modifies Watchdog functionality 1 TTPs 2 IoCs

Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

Impair Defenses

T1562

Processes:

499b5cb1af9ebf0b1ccaeb3c38c8265f_JaffaCakes118

description	ioc	process
File opened for modification	/dev/watchdog	499b5cb1af9ebf0b1ccaeb3c38c8265f_JaffaCakes118
File opened for modification	/dev/misc/watchdog	499b5cb1af9ebf0b1ccaeb3c38c8265f_JaffaCakes118

/tmp/499b5cb1af9ebf0b1ccaeb3c38c8265f_JaffaCakes118
/tmp/499b5cb1af9ebf0b1ccaeb3c38c8265f_JaffaCakes118
1⤵
- Deletes itself
- Modifies Watchdog functionality
PID:1393

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

T1562

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads