Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    ubuntu-20.04_amd64
  • resource
    ubuntu2004-amd64-20240508-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu2004-amd64-20240508-en, kernel:5.4.0-169-generic, locale:en-us, os:ubuntu-20.04-amd64, system
  • submitted
    17-06-2024 22:12

General

  • Target

    441ab8542f9aab3cee0b9e0db35a3ed8_JaffaCakes118

  • Size

    1.5MB

  • MD5

    441ab8542f9aab3cee0b9e0db35a3ed8

  • SHA1

    b4955a6f7406e85b89f6ae1439a574e0ce07d9dd

  • SHA256

    1ad826066e9a74b7a703c2bb25c9ba320de7fde61a22b3b32f516014b5083db1

  • SHA512

    8925bd2448a7d80836ce03c0341c92ae6e2c1990eb6d496cb2b49748d9073195fc121ea5b45858c3f7429568170c1a9600bf751b5438364b65485140e977c116

  • SSDEEP

    24576:hNJp/2SkgT4KUAopmhDO2Aan9XgnU6tZAf4Nzbm6g+qF2SdYOrhG2+bL+cH8y6LL:hNvOx/Vp/2bn9XgnNtmf28rhhbccIwhL

Score
4/10

Malware Config

Signatures

  • Checks CPU configuration 1 TTPs 1 IoCs

    Checks CPU information, which indicates whether the system is a virtual machine.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

  • Reads runtime system information 2 IoCs

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/441ab8542f9aab3cee0b9e0db35a3ed8_JaffaCakes118
    /tmp/441ab8542f9aab3cee0b9e0db35a3ed8_JaffaCakes118
    1⤵
    • Checks CPU configuration
    • Reads system network configuration
    • Reads runtime system information
    • Writes file to tmp directory
    PID:1438

Network

MITRE ATT&CK Enterprise v15
