Overview

overview

10

Static

static

10

0f43c8c411...kes118

debian-12-armhf

3

Analysis

  • max time kernel
    0s
  • max time network
    170s
  • platform
    debian-12_armhf
  • resource
    debian12-armhf-20240221-en
  • resource tags

    arch:armhfimage:debian12-armhf-20240221-enkernel:6.1.0-17-armmp-lpaelocale:en-usos:debian-12-armhfsystem
  • submitted
    03-10-2024 14:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0f43c8c411edff20933370d0a4648ec8_JaffaCakes118

  • Size

    4.5MB

  • MD5

    0f43c8c411edff20933370d0a4648ec8

  • SHA1

    7f67427e9821d846842bd30e19fa3f353b4a1f74

  • SHA256

    0e4534d015c4e6691ff3920b19c93d63c61a0f36497cb0861a149999b61b98e1

  • SHA512

    daca356e2639bcd5c643dcfb9e047302b6d37927e072c0172e804a538adf8e735c24b14380b73da9ab8ea02c84d9633c563186ffc420090b03134a53538ad36e

  • SSDEEP

    49152:trfeR3NTM4k4wrL53kmBwVSC45KuAb7/C:1feVNo4b6F34SC/C

Score
3/10
discovery

Malware Config

Signatures

  • Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

    discovery
  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/0f43c8c411edff20933370d0a4648ec8_JaffaCakes118
    /tmp/0f43c8c411edff20933370d0a4648ec8_JaffaCakes118
    1⤵
    • Enumerates kernel/hardware configuration
    • Writes file to tmp directory
    PID:709

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads