General
-
Target
cf6edcbbadf59bc9753c2be1ca28665b_JaffaCakes118
-
Size
22KB
-
Sample
240906-nf1ajstgrg
-
MD5
cf6edcbbadf59bc9753c2be1ca28665b
-
SHA1
f4c02cd9bc42a2fb9c561b8d62b3646060081421
-
SHA256
e8f04adef24f9020f9f6885c5a67381a477235eca7b4d07c815ed9f8569defaf
-
SHA512
64f6b8024eb8a04fc7b1c819e119488ec2af4878ded4e09632a6e4fee173ea3e5642abda5e39f27a6c7e24aca71bdaf20ed9186e07e39cc60cb2fab2a1ad37c4
-
SSDEEP
384:fQ6PgM8PvaA0Rj1vre1aLwJVcKLwbVcioHjiiQZ0p4ESzy14uazp1cCq2CqwRwbs:fQ6PgM8PvaA0Rj1vre1iAVcSeVchDii1
Static task
static1
Behavioral task
behavioral1
Sample
cf6edcbbadf59bc9753c2be1ca28665b_JaffaCakes118
Resource
ubuntu1804-amd64-20240611-en
Behavioral task
behavioral2
Sample
cf6edcbbadf59bc9753c2be1ca28665b_JaffaCakes118
Resource
debian9-armhf-20240611-en
Behavioral task
behavioral3
Sample
cf6edcbbadf59bc9753c2be1ca28665b_JaffaCakes118
Resource
debian9-mipsbe-20240729-en
Behavioral task
behavioral4
Sample
cf6edcbbadf59bc9753c2be1ca28665b_JaffaCakes118
Resource
debian9-mipsel-20240611-en
Malware Config
Targets
-
-
Target
cf6edcbbadf59bc9753c2be1ca28665b_JaffaCakes118
-
Executes dropped EXE
-
Attempts to change immutable files
Modifies inode attributes on the filesystem to allow changing of immutable files.
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Disables SELinux
Disables SELinux security module.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
Boot or Logon Initialization Scripts (1)
RC Scripts (1)
Scheduled Task/Job (1)
Cron (1)
Privilege Escalation
Boot or Logon Autostart Execution (1)
Boot or Logon Initialization Scripts (1)
RC Scripts (1)
Scheduled Task/Job (1)
Cron (1)