Analysis Overview
SHA256
f82c167a6f71cc9b5d2e2795137b1e84c5ad58a1b1106a8d5248605a726ef1d9
Threat Level: Known bad
The file 9da1756c4d11fc14d38264f22998d689_JaffaCakes118 was found to be: Known bad.
Malicious Activity Summary
Detected Gafgyt variant
Gafgyt family
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-06-11 08:56
Signatures
Detected Gafgyt variant
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Gafgyt family
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-11 08:56
Reported
2024-06-11 08:56
Platform
ubuntu1804-amd64-20240508-en
Max time kernel
0s
Max time network
0s
Command Line
Signatures
Processes
/tmp/9da1756c4d11fc14d38264f22998d689_JaffaCakes118
[/tmp/9da1756c4d11fc14d38264f22998d689_JaffaCakes118]
Network
| Country | Destination | Domain | Proto |
| GB | 185.125.188.61:443 | tcp | |
| GB | 185.125.188.61:443 | tcp | |
| US | 151.101.1.91:443 | tcp | |
| US | 1.1.1.1:53 | ocp-ingress.fastly.gnome.org | udp |
| US | 151.101.1.91:443 | tcp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-11 08:56
Reported
2024-06-11 08:56
Platform
debian9-armhf-20240418-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-11 08:56
Reported
2024-06-11 08:56
Platform
debian9-mipsbe-20240226-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-11 08:56
Reported
2024-06-11 08:56
Platform
debian9-mipsel-20240418-en