Analysis
max time kernel: 0s
max time network: 131s
platform: ubuntu-18.04_amd64
resource: ubuntu1804-amd64-20240508-en
resource tags: arch:amd64, arch:i386, image:ubuntu1804-amd64-20240508-en, kernel:4.15.0-213-generic, locale:en-us, os:ubuntu-18.04-amd64, system
submitted: 16-05-2024 12:32
Behavioral task: behavioral1
Sample: 4b15c1db86ac2a8d552b898cbeb6a2ca_JaffaCakes118
Resource: ubuntu1804-amd64-20240508-en, ubuntu-18.04-amd64
2 signatures
150 seconds
General
Target: 4b15c1db86ac2a8d552b898cbeb6a2ca_JaffaCakes118
Size: 54KB
MD5: 4b15c1db86ac2a8d552b898cbeb6a2ca
SHA1: 15615517298f471f95fc4f36759ef9df362aae5b
SHA256: 631a0f7fe5daa96dbfd7bcbdd13d7b2e0137e40187608a081606b6cae2cf3952
SHA512: e31a518afd063f725ded65d8bbefc6dd3a183919ad8a9892a819aea27a89e433c90e1c5a1ae958e33f997fcc0303a9eaa8a01fc46cb6a8125aa0e2ab1c1cee5c
SSDEEP: 768:R3HT2eWvuWYb3kfSzDrbrivF8NOpQ+EU/HYXH7WYdTZrtOfxcX6y:RDBWYb3uSzDPrivF8QbFg7WCTZrt+xc
Score: 7/10
Malware Config
Signatures
Deletes itself (1 IoCs)
Processes: 4b15c1db86ac2a8d552b898cbeb6a2ca_JaffaCakes118
pid: 1474, process: 4b15c1db86ac2a8d552b898cbeb6a2ca_JaffaCakes118
Modifies Watchdog functionality (1 TTPs, 2 IoCs)
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
Processes: 4b15c1db86ac2a8d552b898cbeb6a2ca_JaffaCakes118
description: File opened for modification, ioc: /dev/watchdog, process: 4b15c1db86ac2a8d552b898cbeb6a2ca_JaffaCakes118
description: File opened for modification, ioc: /dev/misc/watchdog, process: 4b15c1db86ac2a8d552b898cbeb6a2ca_JaffaCakes118