b56471d088e485d6a5296bdc0c7bfc65_JaffaCakes118 | Triage

Submit
Reports

Overview

overview

3

Static

static

1

addNonRootUser.sh

windows7-x64

3

addNonRootUser.sh

windows10-2004-x64

3

busybox

ubuntu-18.04-amd64

busybox

debian-9-armhf

busybox

debian-9-mips

busybox

debian-9-mipsel

busybox_static

ubuntu-18.04-amd64

busybox_static

debian-9-armhf

busybox_static

debian-9-mips

busybox_static

debian-9-mipsel

compressFilesystem.sh

ubuntu-18.04-amd64

compressFilesystem.sh

debian-9-armhf

compressFilesystem.sh

debian-9-mips

compressFilesystem.sh

debian-9-mipsel

dbclient

ubuntu-18.04-amd64

dbclient

debian-9-armhf

dbclient

debian-9-mips

dbclient

debian-9-mipsel

deleteFilesystem.sh

ubuntu-18.04-amd64

deleteFilesystem.sh

debian-9-armhf

deleteFilesystem.sh

debian-9-mips

deleteFilesystem.sh

debian-9-mipsel

execInProot.sh

ubuntu-18.04-amd64

execInProot.sh

debian-9-armhf

execInProot.sh

debian-9-mips

execInProot.sh

debian-9-mipsel

extractFilesystem.sh

ubuntu-18.04-amd64

extractFilesystem.sh

debian-9-armhf

extractFilesystem.sh

debian-9-mips

extractFilesystem.sh

debian-9-mipsel

gzip

ubuntu-18.04-amd64

gzip

debian-9-armhf

Sharing

Copy URL Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

addNonRootUser.sh

Resource

win7-20240508-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

addNonRootUser.sh

Resource

win10v2004-20240611-en

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral3

Sample

busybox

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

busybox

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

busybox

Resource

debian9-mipsbe-20240611-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

busybox

Resource

debian9-mipsel-20240418-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

busybox_static

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

busybox_static

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

busybox_static

Resource

debian9-mipsbe-20240418-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

busybox_static

Resource

debian9-mipsel-20240611-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

compressFilesystem.sh

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

compressFilesystem.sh

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

compressFilesystem.sh

Resource

debian9-mipsbe-20240611-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

compressFilesystem.sh

Resource

debian9-mipsel-20240611-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

dbclient

Resource

ubuntu1804-amd64-20240508-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

dbclient

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

dbclient

Resource

debian9-mipsbe-20240611-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

dbclient

Resource

debian9-mipsel-20240418-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

deleteFilesystem.sh

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

deleteFilesystem.sh

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

deleteFilesystem.sh

Resource

debian9-mipsbe-20240418-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

deleteFilesystem.sh

Resource

debian9-mipsel-20240611-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

execInProot.sh

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

execInProot.sh

Resource

debian9-armhf-20240611-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

execInProot.sh

Resource

debian9-mipsbe-20240418-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

execInProot.sh

Resource

debian9-mipsel-20240611-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

extractFilesystem.sh

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

extractFilesystem.sh

Resource

debian9-armhf-20240418-en

debian-9-armhf

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

extractFilesystem.sh

Resource

debian9-mipsbe-20240611-en

debian-9-mips

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

extractFilesystem.sh

Resource

debian9-mipsel-20240611-en

debian-9-mipsel

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

gzip

Resource

ubuntu1804-amd64-20240611-en

ubuntu-18.04-amd64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

gzip

Resource

debian9-armhf-20240418-en

debian-9-armhf

0 signatures

150 seconds

General

Target

b56471d088e485d6a5296bdc0c7bfc65_JaffaCakes118
Size

3.1MB
MD5

b56471d088e485d6a5296bdc0c7bfc65
SHA1

e64346b4a1fd020df6a2ca4cdf75d5817dc17eb9
SHA256

9548404b151c6de37b20cc790217541314b53dd96ed20ed74ccd9cc6fac5e552
SHA512

da39557c73599025e34291cc4fd9eea735745d17935b95859ac75f284ee1a7c908831ad3a5000ca61b13881800b039af33d6ae673678dd4b9d9cb076cb80551a
SSDEEP

98304:56b8szIep7rbB2oIep7rbBkZFEX32tbf13u1MGY2L:wb8Gp7rbNp7rbKEH2xf13u1MGY2L

Score

1^/10

Malware Config

Signatures

Files

b56471d088e485d6a5296bdc0c7bfc65_JaffaCakes118
.zip
addNonRootUser.sh
busybox
.elf linux aarch64
busybox_static
.elf linux aarch64
compressFilesystem.sh
.sh linux
dbclient
.elf linux aarch64
deleteFilesystem.sh
.sh linux
execInProot.sh
.sh linux
extractFilesystem.sh
.sh linux
gzip
.elf linux aarch64
isServerInProcTree.sh
.sh linux
killProcTree.sh
.sh linux
libc++_shared.so
.elf linux aarch64
libcrypto.so.1.1
.elf linux aarch64
libleveldb.so.1
.elf linux aarch64
libtalloc.so.2
.elf linux aarch64
libtermux
.elf linux aarch64
libtermux-auth.so
.elf linux aarch64
libutil.so
.elf linux aarch64
loader
.elf linux aarch64
proot
.elf linux aarch64
proot_meta
.elf linux aarch64
proot_meta_leveldb
.elf linux aarch64
stat4
stat8
uptime
version

© 2018-2025

Terms | Privacy