Analysis

  • max time kernel
    0s
  • max time network
    1s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240418-en
  • resource tags

    arch:armhf
    image:debian9-armhf-20240418-en
    kernel:4.9.0-13-armmp-lpae
    locale:en-us
    os:debian-9-armhf
    system
  • submitted
    18-09-2024 04:59

General

  • Target

    e8609b5fe37bbc37ac72c127ab2a94e9_JaffaCakes118

  • Size

    12KB

  • MD5

    e8609b5fe37bbc37ac72c127ab2a94e9

  • SHA1

    5cdbb385ff43a45b8da48208592031b0d211f17f

  • SHA256

    873fe8f1464c6e7a7f74ab8c1ea3c356a029d43a7a6a9de8eb5c887937234d11

  • SHA512

    0467c2fbaf0bee085fab4a12bd95d42db0fc9d0e88b79e5616799451fd4822d7bc878a4d319b64fcefe6cecac7b3507e5db3955d182a03368712f5e14742850c

  • SSDEEP

    384:9MjVCXEXuK/WZDgD8AapX8XCkLWkWKzPKplKsNemW84mkXm+roosjh5oBq:xXEXeZDgD8AapX8XdLWk1zoIweb84mkU

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 1 TTPs 1 IoCs

Processes

  • /tmp/e8609b5fe37bbc37ac72c127ab2a94e9_JaffaCakes118
    /tmp/e8609b5fe37bbc37ac72c127ab2a94e9_JaffaCakes118
    1⤵
      PID:638
      • /usr/bin/clear
        clear
        2⤵
          PID:640
      • /bin/ping
        ping -c 1 raw.githubusercontent.com -i 1000
        2⤵
          PID:646
      • /bin/hostname
        hostname
        2⤵
          PID:649
      • /bin/uname
        uname -r
        2⤵
          PID:652

Network

MITRE ATT&CK Enterprise v15
