Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
146s -
max time network
133s -
platform
ubuntu-22.04_amd64 -
resource
ubuntu2204-amd64-20240611-en -
resource tags
-
submitted
29/07/2024, 17:27
General
-
Target
557a88e83aded0014f7cfb2db586c54b_JaffaCakes118
-
Size
1005KB
-
MD5
557a88e83aded0014f7cfb2db586c54b
-
SHA1
47f104201ffff3b1bc0b0f0d362feecdb1804772
-
SHA256
05cb2b83182e26dbdf09b4ef02345d44e62d94f062683ef3ecdd08f965ed4dc4
-
SHA512
b132776905b23dcef930d2dd8c176ba2f25648c10ca4cb8f8061c5465d63eba54153756747241cb28aaf6caef686dcf34aea2c3c858c24211342d0b80d1c4ff4
-
SSDEEP
24576:2CRMLq8MvJK2Th5FogoynYUMGnJo8MsVTJu:26MLq8MM2ThsgoynYUdo8MsV
Malware Config
Signatures
-
Creates/modifies Cron job 1 TTPs 1 IoCs
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Reads runtime system information 1 IoCs
Reads data from /proc virtual filesystem.
Processes
-
/tmp/557a88e83aded0014f7cfb2db586c54b_JaffaCakes118/tmp/557a88e83aded0014f7cfb2db586c54b_JaffaCakes1181⤵
-
/bin/shsh -c "crontab -l | grep /tmp/557a88e83aded0014f7cfb2db586c54b_JaffaCakes118|| (crontab -l ; echo \"* * * * * /tmp/557a88e83aded0014f7cfb2db586c54b_JaffaCakes118\") | crontab -"2⤵
-
/usr/bin/crontabcrontab -l3⤵
-
-
/usr/bin/grepgrep /tmp/557a88e83aded0014f7cfb2db586c54b_JaffaCakes1183⤵
- Reads runtime system information
-
-
/usr/bin/crontabcrontab -3⤵
- Creates/modifies Cron job
-
-
/usr/bin/crontabcrontab -l3⤵
-
-
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
237B
MD58d3079888b1ddfb660492b607545ce56
SHA1d7e7b7a40e91b5e7b34ae76182b41665c7655e4f
SHA256d608cac41659cfb2cf5733d9a50e6c285ff1849ee8924c483b30d77e323f6f57
SHA5128cdaf145504aadfc712c3fb6cfa6a99a122358f3050153c549a59dffd9f11232e95d801f1cc8ac14ca16cdc08bc979c0736dfd4a21c60942c32df1d40fc8f3fc