Analysis Overview
SHA256
012239d21cbf76e09bca91cb3f7c23c5960360129f2f512bc096f55b74fb111a
Threat Level: Likely benign
The file b54eb0a55405d0b11681391f70fe0be6_JaffaCakes118 was found to be: Likely benign.
Malicious Activity Summary
Changes its process name
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-06-16 21:32
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-16 21:32
Reported
2024-06-16 21:35
Platform
ubuntu1804-amd64-20240611-en
Max time kernel
0s
Max time network
131s
Command Line
Signatures
Changes its process name
| Description | Indicator | Process | Target |
| Changes the process name, possibly in an attempt to hide itself | vi | /tmp/rwwwshell.pl | N/A |
Processes
/tmp/rwwwshell.pl
[/tmp/rwwwshell.pl]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 185.125.188.62:443 | tcp | |
| GB | 185.125.188.61:443 | tcp | |
| US | 151.101.129.91:443 | tcp | |
| US | 151.101.129.91:443 | tcp | |
| GB | 89.187.167.3:443 | tcp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-16 21:32
Reported
2024-06-16 21:35
Platform
debian9-armhf-20240418-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-16 21:32
Reported
2024-06-16 21:32
Platform
debian9-mipsbe-20240611-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-16 21:32
Reported
2024-06-16 21:32
Platform
debian9-mipsel-20240611-en