Analysis
- max time kernel: 0s
- platform: debian-9_armhf
- resource: debian9-armhf-20240729-en
- resource tags: arch:armhf, image:debian9-armhf-20240729-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
- submitted: 13/10/2024, 17:54
General
- Target: 41445aa60caae0ce06989005d2158f82_JaffaCakes118
- Size: 66KB
- MD5: 41445aa60caae0ce06989005d2158f82
- SHA1: 035c0870ce17a1d11b98461d80e47ba960c59ec3
- SHA256: 833f944e82b4d95d95f42c82e6fa01ea1f635b753338d8f88fcf1e8a9f6ae1df
- SHA512: 5cd7aa63aaf7cfabbba00bcdd37111da7e0acb492a69e08478933c9799aea999ea4755d0a28ea15fc3981d5f338bddcd13508ba28c6a0b0bd868c95baa71cb57
- SSDEEP: 1536:vVo7DPL4KwGpgLb1/YmEI0Kd1jy1D86ucvcrgS44LS0XCwjBaOr5wm9dqc:+LL4KhpSpgtUbjy1DAgSXL9aOrn
Malware Config
Signatures
Processes
- /tmp/41445aa60caae0ce06989005d2158f82_JaffaCakes118 | /tmp/41445aa60caae0ce06989005d2158f82_JaffaCakes118 | PID:646
  - Reads runtime system information
  - /bin/sh | /bin/sh -c "iptables -A INPUT -p tcp --destination-port 23 -j DROP" | PID:647
    - /sbin/iptables | iptables -A INPUT -p tcp --destination-port 23 -j DROP | PID:648
  - /bin/sh | /bin/sh -c "iptables -A INPUT -p tcp --destination-port 37215 -j DROP" | PID:659
    - /sbin/iptables | iptables -A INPUT -p tcp --destination-port 37215 -j DROP | PID:661