Analysis

  • max time kernel
    149s
  • max time network
    148s
  • platform
    ubuntu-20.04_amd64
  • resource
    ubuntu2004-amd64-20240729-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu2004-amd64-20240729-en, kernel:5.4.0-169-generic, locale:en-us, os:ubuntu-20.04-amd64, system
  • submitted
    28-07-2024 03:33

General

  • Target

    0789a361636579ac9d0e44c9962bb7bd_JaffaCakes118

  • Size

    1.5MB

  • MD5

    0789a361636579ac9d0e44c9962bb7bd

  • SHA1

    29bd3604bca7cba866f83cba10bc37af97654bb3

  • SHA256

    01c13263c1fe49129c3bf94b38cbee2a2437fafc562e23dfb2bfbeb30eb21720

  • SHA512

    a81feef629650d7079f3b1907959eff8e6c724e9c44bcbec4af1b2ce6dfd24ba6ba1d3b3316db320f637eb32b5cb9814c7c0ec0139192111fd1c7424ec6ad231

  • SSDEEP

    24576:hNJp/2SkgT4KUAopmhDO2Aan9XgnU6tZAf4Nzbm6g+qF2SdYOrhGF+bL+cH8y6LL:hNvOx/Vp/2bn9XgnNtmf28rhybccIwhL

Score
4/10

Malware Config

Signatures

  • Checks CPU configuration 1 TTPs 1 IoCs

    Checks CPU information, which indicates whether the system is a virtual machine.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

  • Reads runtime system information 2 IoCs

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/0789a361636579ac9d0e44c9962bb7bd_JaffaCakes118
    /tmp/0789a361636579ac9d0e44c9962bb7bd_JaffaCakes118
    • Checks CPU configuration
    • Reads system network configuration
    • Reads runtime system information
    • Writes file to tmp directory
    PID:1341

Network

MITRE ATT&CK Enterprise v15
