d79cdb9675eb67f51ecd17bcb09b386687283869463ebaf519eebd513d192168 | Triage

Submit
Reports

Overview

overview

7

Static

static

7

85875d200b...kes118

ubuntu-20.04-amd64

6

Sharing

General

Target

85875d200b500aa669e97e71af918cc4_JaffaCakes118
Size

2.1MB
Sample

240810-k31ytaxflh
MD5

85875d200b500aa669e97e71af918cc4
SHA1

bad1846c71fc23d28e22c20048f7490fd96c8347
SHA256

d79cdb9675eb67f51ecd17bcb09b386687283869463ebaf519eebd513d192168
SHA512

a3dd36d067501e2f19d1eeedaf079008c72cc769dd19afab975677b6fd7220e3857cdca29520badbdb88fba8a996af75c270d59cfb63cac4288dc57c2120d5f2
SSDEEP

49152:AdfjEIRbloS+0dpxt+DNAE7CGh4UQM6e/VgzQX:ANjEIxiSbpxtMGC4BM6UvX

Score

7^/10

antivm linux persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

85875d200b500aa669e97e71af918cc4_JaffaCakes118

Resource

ubuntu2004-amd64-20240611-en

antivm persistence

ubuntu-20.04-amd64

4 signatures

150 seconds

Malware Config

Targets

- Target
  
  85875d200b500aa669e97e71af918cc4_JaffaCakes118
- Size
  
  2.1MB
- MD5
  
  85875d200b500aa669e97e71af918cc4
- SHA1
  
  bad1846c71fc23d28e22c20048f7490fd96c8347
- SHA256
  
  d79cdb9675eb67f51ecd17bcb09b386687283869463ebaf519eebd513d192168
- SHA512
  
  a3dd36d067501e2f19d1eeedaf079008c72cc769dd19afab975677b6fd7220e3857cdca29520badbdb88fba8a996af75c270d59cfb63cac4288dc57c2120d5f2
- SSDEEP
  
  49152:AdfjEIRbloS+0dpxt+DNAE7CGh4UQM6e/VgzQX:ANjEIxiSbpxtMGC4BM6UvX
Score

6^/10

antivm persistence
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  persistence
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Virtualization/Sandbox Evasion

Credential Access

Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

antivmpersistence

© 2018-2024

Terms | Privacy