Malware Analysis Report

2024-11-15 05:21

Sample ID 240617-e8hrjayekl
Target b6ca3b8547a248f589855a0a0a2feaad_JaffaCakes118
SHA256 a7d2256afd1522e2e25fe0163b32bbc85b20d8078ea3cffbab7d2dc59a3a1177
Tags
score
1/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
1/10

SHA256

a7d2256afd1522e2e25fe0163b32bbc85b20d8078ea3cffbab7d2dc59a3a1177

Threat Level: No (potentially) malicious behavior was detected

The file b6ca3b8547a248f589855a0a0a2feaad_JaffaCakes118 was found to be: No (potentially) malicious behavior was detected.

Malicious Activity Summary

N/A

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2024-06-17 04:36

Signatures

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2024-06-17 04:36

Reported

2024-06-17 04:39

Platform

ubuntu2404-amd64-20240523-en

Max time network

148s

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

Country Destination Domain Proto
FR 79.137.37.132:777 tcp
N/A 224.0.0.251:5353 udp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
US 8.8.8.8:53 _http._tcp.security.ubuntu.com udp
US 8.8.8.8:53 _http._tcp.se.archive.ubuntu.com udp
US 8.8.8.8:53 security.ubuntu.com udp
US 8.8.8.8:53 security.ubuntu.com udp
US 8.8.8.8:53 se.archive.ubuntu.com udp
US 8.8.8.8:53 se.archive.ubuntu.com udp
GB 185.125.190.83:80 security.ubuntu.com tcp
SE 194.71.11.165:80 se.archive.ubuntu.com tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp
FR 79.137.37.132:777 tcp

Files

N/A