Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    ubuntu-22.04_amd64
  • resource
    ubuntu2204-amd64-20240522.1-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu2204-amd64-20240522.1-en, kernel:5.15.0-105-generic, locale:en-us, os:ubuntu-22.04-amd64, system
  • submitted
    31-08-2024 21:03

General

  • Target

    cd98c2b681ff2517c1fe42cd166c2477_JaffaCakes118

  • Size

    1.5MB

  • MD5

    cd98c2b681ff2517c1fe42cd166c2477

  • SHA1

    3049d3b52dfd0580feb7b40fe1849ed16a4ce790

  • SHA256

    4d7cb89e41e2ba716332eaffab44ce89b5b628edcfec1faac1a3acf4cfbec8f2

  • SHA512

    f57700989d0cbbee3d979d8ff2f9f95e7671b5c0763057016178ad7ff1a4127ddd63127d6cd2ed6effb2e6b00c2e3b980a297ca8d522e38adb425e07805b0b7a

  • SSDEEP

    24576:hNJp/2SkgT4KUAopmhDO2Aan9XgnU6tZAf4Nzbm6g+qF2SdYOrhGw+bL+cH8y6LL:hNvOx/Vp/2bn9XgnNtmf28rh7bccIwhL

Score
4/10

Malware Config

Signatures

  • Checks CPU configuration 1 TTPs 1 IoCs

    Checks CPU information that indicates whether the system is a virtual machine.

  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

  • Reads runtime system information 2 IoCs

    Reads data from /proc virtual filesystem.

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/cd98c2b681ff2517c1fe42cd166c2477_JaffaCakes118
    /tmp/cd98c2b681ff2517c1fe42cd166c2477_JaffaCakes118
    • Checks CPU configuration
    • Reads system network configuration
    • Reads runtime system information
    • Writes file to tmp directory
    PID:1566

Network

MITRE ATT&CK Enterprise v15
