Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240611-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240611-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    17-06-2024 21:57

General

  • Target

    3788a1f0d003114ecb95f70575edc431_JaffaCakes118

  • Size

    1.5MB

  • MD5

    3788a1f0d003114ecb95f70575edc431

  • SHA1

    46573ccc03facc70d69108905d5dbe1948c57a35

  • SHA256

    48c5ba170a2aca2ce62f9a032a569d55ed2a36448119a396113d025f9888c44a

  • SHA512

    058e70b4b20b37834ec461a24e5ca3c70df3d590e08e459a0e9550a7870fffd9afa817e3394bba2fec0d19743e4bdd341b1d141c94e3944c0b4ed0dcf4518855

  • SSDEEP

    24576:hNJp/2SkgT4KUAopmhDO2Aan9XgnU6tZAf4Nzbm6g+qF2SdYOrhG++bL+cH8y6LL:hNvOx/Vp/2bn9XgnNtmf28rhtbccIwhL

Score
4/10

Malware Config

Signatures

  • Checks CPU configuration 1 TTPs 1 IoCs

    Checks CPU information which indicate if the system is a virtual machine.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/3788a1f0d003114ecb95f70575edc431_JaffaCakes118
    /tmp/3788a1f0d003114ecb95f70575edc431_JaffaCakes118
    1⤵
    • Checks CPU configuration
    • Reads system network configuration
    • Reads runtime system information
    • Writes file to tmp directory
    PID:1502

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads