Analysis

  • max time kernel
    5s
  • max time network
    9s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20240226-en
  • resource tags

    arch:mipsel image:debian9-mipsel-20240226-en kernel:4.9.0-13-4kc-malta locale:en-us os:debian-9-mipsel system
  • submitted
    18-09-2024 04:59

General

  • Target

    e8609b5fe37bbc37ac72c127ab2a94e9_JaffaCakes118

  • Size

    12KB

  • MD5

    e8609b5fe37bbc37ac72c127ab2a94e9

  • SHA1

    5cdbb385ff43a45b8da48208592031b0d211f17f

  • SHA256

    873fe8f1464c6e7a7f74ab8c1ea3c356a029d43a7a6a9de8eb5c887937234d11

  • SHA512

    0467c2fbaf0bee085fab4a12bd95d42db0fc9d0e88b79e5616799451fd4822d7bc878a4d319b64fcefe6cecac7b3507e5db3955d182a03368712f5e14742850c

  • SSDEEP

    384:9MjVCXEXuK/WZDgD8AapX8XCkLWkWKzPKplKsNemW84mkXm+roosjh5oBq:xXEXeZDgD8AapX8XdLWk1zoIweb84mkU

Score
6/10

Malware Config

Signatures

  • Legitimate hosting services abused for malware hosting/C2 (1 TTPs, 3 IoCs)

Processes

  • /tmp/e8609b5fe37bbc37ac72c127ab2a94e9_JaffaCakes118
    /tmp/e8609b5fe37bbc37ac72c127ab2a94e9_JaffaCakes118
    1⤵
      PID:697
      • /usr/bin/clear
        clear
        2⤵
          PID:702
        • /bin/ping
          ping -c 1 raw.githubusercontent.com -i 1000
          2⤵
            PID:708
          • /usr/bin/wget
            wget https://raw.githubusercontent.com/nilotpalbiswas/Auto-Root-Exploit/master/autoroot.sh "--timeout=5" -q -O -
            2⤵
              PID:715
            • /bin/grep
              grep "ver="
              2⤵
                PID:716
              • /usr/bin/cut
                cut "-d=" -f2
                2⤵
                  PID:717
                • /usr/bin/cut
                  cut "-d " -f1
                  2⤵
                    PID:729
                  • /bin/hostname
                    hostname
                    2⤵
                      PID:731
                    • /bin/uname
                      uname -r
                      2⤵
                        PID:734

Network

MITRE ATT&CK Enterprise v15

Downloads

  • /root/.wget-hsts

    Filesize

    180B

    MD5

    a0394ca4d39980728b603e5fa6700e89

    SHA1

    4908c505552b1806bcceb069fe7665ebcd4e2ae8

    SHA256

    b9c5f3dc55bbb427fb4fd5b4e919b108f2e52a8c80e7e14eeac4c4d689ad57a2

    SHA512

    f9e0a7c68a5a640c4249cfe1673be28227d9890797cfe7b3c2794722f947c6c987ed4702105c2e6ff0e7c4c01bad552633cb32d23dcefb5cd478e0d88e36ae6a