Analysis Overview
score
4/10
SHA256
60e24cb19a3cfdc88712f3511adfde242abff3c1915b34eeb19dd7cc72380df2
Threat Level: Likely benign
The file c92129fc230bacd113530fee254fc2b6_JaffaCakes118 was found to be: Likely benign.
Malicious Activity Summary
Checks CPU configuration
Reads system network configuration
Reads runtime system information
Writes file to tmp directory
MITRE ATT&CK
Enterprise Matrix V15
Analysis: static1
Detonation Overview
Reported
2024-08-29 15:49
Signatures
N/A
Analysis: behavioral1
Detonation Overview
Submitted
2024-08-29 15:49
Reported
2024-08-29 15:51
Platform
ubuntu1804-amd64-20240508-en
Max time kernel
149s
Max time network
129s
Command Line
[/tmp/c92129fc230bacd113530fee254fc2b6_JaffaCakes118]
Signatures
Checks CPU configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/cpuinfo | /tmp/c92129fc230bacd113530fee254fc2b6_JaffaCakes118 | N/A |
Reads system network configuration
| Description | Indicator | Process | Target |
| File opened for reading | /proc/net/dev | /tmp/c92129fc230bacd113530fee254fc2b6_JaffaCakes118 | N/A |
Reads runtime system information
| Description | Indicator | Process | Target |
| File opened for reading | /proc/stat | /tmp/c92129fc230bacd113530fee254fc2b6_JaffaCakes118 | N/A |
Writes file to tmp directory
| Description | Indicator | Process | Target |
| File opened for modification | /tmp/c92129fc230bacd113530fee254fc2b6_JaffaCakes118\xmit.ini | /tmp/c92129fc230bacd113530fee254fc2b6_JaffaCakes118 | N/A |
Processes
/tmp/c92129fc230bacd113530fee254fc2b6_JaffaCakes118
[/tmp/c92129fc230bacd113530fee254fc2b6_JaffaCakes118]
Network
| Country | Destination | Domain | Proto |
| N/A | 224.0.0.251:5353 | udp | |
| US | 198.40.53.109:6009 | tcp | |
| GB | 185.125.188.61:443 | tcp | |
| GB | 185.125.188.62:443 | tcp | |
| US | 151.101.1.91:443 | tcp | |
| US | 151.101.1.91:443 | tcp | |
| GB | 195.181.164.14:443 | tcp | |
| US | 198.40.53.109:6009 | tcp | |
| US | 198.40.53.109:6009 | tcp |
Files
N/A