Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    ubuntu-20.04_amd64
  • resource
    ubuntu2004-amd64-20240611-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu2004-amd64-20240611-en, kernel:5.4.0-169-generic, locale:en-us, os:ubuntu-20.04-amd64, system
  • submitted
    17-06-2024 22:25

General

  • Target

    5a16c12e1abe11317465ea4032aa25aa_JaffaCakes118

  • Size

    1.4MB

  • MD5

    5a16c12e1abe11317465ea4032aa25aa

  • SHA1

    3200fdbdc9ab6f6adf7268f5ce251eeffe787ee1

  • SHA256

    a74064791b4a02b6b1aa702793bf8889e1baf053bc26652b96bb651d8d8bafad

  • SHA512

    360f42d325ed542abcc292b95673c87ef21ed05f8eb2c47a567247db1251b6439536bd5454c22a2ca1ffd39193afad81d9b919759e0d21b4aa8ac6ac727f7245

  • SSDEEP

    24576:BWXZImswkEiPhIVewQR65nc6mR4pNxahbFiFSX0gFJ60Sm77MbudgBKlUsrjtRlz:BWJbiGVetR65nZmRHX0gFJ60SWoKlJHP

Score
4/10

Malware Config

Signatures

  • Checks CPU configuration (1 TTPs, 1 IoCs)

    Checks CPU information that indicates whether the system is a virtual machine.

  • Reads system network configuration (1 TTPs, 1 IoCs)

    Uses contents of /proc filesystem to enumerate network settings.

  • Reads runtime system information (2 IoCs)

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory (1 IoCs)

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/5a16c12e1abe11317465ea4032aa25aa_JaffaCakes118
    • Checks CPU configuration
    • Reads system network configuration
    • Reads runtime system information
    • Writes file to tmp directory
    PID:1400

Network

MITRE ATT&CK Enterprise v15
