General

  • Target

    8bfc072d37f41190515f8dc00a59fb2e_JaffaCakes118

  • Size

    2.5MB

  • Sample

    240601-19exxsgf5w

  • MD5

    8bfc072d37f41190515f8dc00a59fb2e

  • SHA1

    2d9600a0697de84522b4e65d9be02b9ed9352b4d

  • SHA256

    35e45d556443c8bf4498d8968ab2a79e751fc2d359bf9f6b4dfd86d417f17cfb

  • SHA512

    746da073a5f89370238d1b6268c16730edbced02afacd9663a30042be9cc41780d6a0e0edfebddfac5f4bb2d7f46edb801efe40d03d688dde33f3c792039f149

  • SSDEEP

    49152:vVCtClGueBQxAwYn0BJNs7CD9d8nyB+xZkl1NNbE7vWdM:NCGGhfRn0BJNs7++yBUZkTXwLWO

Malware Config

Targets

    • Target

      8bfc072d37f41190515f8dc00a59fb2e_JaffaCakes118

    Score: 6/10

    • Checks hardware identifiers (DMI)

      Checks DMI information that indicates whether the system is a virtual machine.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule and is commonly used for malware persistence.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Reads hardware information

      Accesses system information such as serial numbers and manufacturer names.

MITRE ATT&CK Matrix (ATT&CK v13)

  • Execution

    Scheduled Task/Job (T1053): 1

  • Persistence

    Scheduled Task/Job (T1053): 1

  • Privilege Escalation

    Scheduled Task/Job (T1053): 1

  • Defense Evasion

    Virtualization/Sandbox Evasion (T1497): 2

  • Discovery

    Virtualization/Sandbox Evasion (T1497): 2

    System Information Discovery (T1082): 3

Tasks