Analysis
-
max time kernel
149s -
max time network
149s -
platform
ubuntu-22.04_amd64 -
resource
ubuntu2204-amd64-20240522.1-en -
resource tags
arch:amd64arch:i386image:ubuntu2204-amd64-20240522.1-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system -
submitted
31-08-2024 21:03
Static task
static1
Behavioral task
behavioral1
Sample
cd98c2b681ff2517c1fe42cd166c2477_JaffaCakes118
Resource
ubuntu2204-amd64-20240522.1-en
General
-
Target
cd98c2b681ff2517c1fe42cd166c2477_JaffaCakes118
-
Size
1.5MB
-
MD5
cd98c2b681ff2517c1fe42cd166c2477
-
SHA1
3049d3b52dfd0580feb7b40fe1849ed16a4ce790
-
SHA256
4d7cb89e41e2ba716332eaffab44ce89b5b628edcfec1faac1a3acf4cfbec8f2
-
SHA512
f57700989d0cbbee3d979d8ff2f9f95e7671b5c0763057016178ad7ff1a4127ddd63127d6cd2ed6effb2e6b00c2e3b980a297ca8d522e38adb425e07805b0b7a
-
SSDEEP
24576:hNJp/2SkgT4KUAopmhDO2Aan9XgnU6tZAf4Nzbm6g+qF2SdYOrhGw+bL+cH8y6LL:hNvOx/Vp/2bn9XgnNtmf28rh7bccIwhL
Malware Config
Signatures
-
Checks CPU configuration 1 TTPs 1 IoCs
Checks CPU information which indicate if the system is a virtual machine.
description ioc Process File opened for reading /proc/cpuinfo cd98c2b681ff2517c1fe42cd166c2477_JaffaCakes118 -
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
description ioc Process File opened for reading /proc/net/dev cd98c2b681ff2517c1fe42cd166c2477_JaffaCakes118 -
Reads runtime system information 2 IoCs
Reads data from /proc virtual filesystem.
description ioc Process File opened for reading /proc/sys/kernel/version cd98c2b681ff2517c1fe42cd166c2477_JaffaCakes118 File opened for reading /proc/stat cd98c2b681ff2517c1fe42cd166c2477_JaffaCakes118 -
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
description ioc Process File opened for modification /tmp/frgb.cfg cd98c2b681ff2517c1fe42cd166c2477_JaffaCakes118