Overview

overview

10

Static

static

10

94e9f3e30e...kes118

debian-9-mips

7

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240418-en
  • resource tags

    arch:mipsimage:debian9-mipsbe-20240418-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipssystem
  • submitted
    24-11-2024 13:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    94e9f3e30e2cdf962c50c01a8c844198_JaffaCakes118

  • Size

    149KB

  • MD5

    94e9f3e30e2cdf962c50c01a8c844198

  • SHA1

    f5b4e6e5229e75dab9f7545c5e718683e2234bfd

  • SHA256

    a0823328b95bdfc79c7ac4089e8ef57690d54c4829bfbb7dbc722324d615e7bd

  • SHA512

    4f77da87df6d73338bfba99a839e9d347e026c2232a29987443266a8eb8d10c264bb6ca7c3078dbddd753ca77a09e2bef70dddbd3be247d2e73e5ccf9339367a

  • SSDEEP

    3072:myik9SZ83RjlpApKD5hVA0z5+cN3rMsBRTFCj4jM:u2SZ8BB2kD5hVA0zwI3rMsBRTFCj4jM

Score
7/10
discovery

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

    discovery
  • Changes its process name 1 IoCs
  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

    discovery

Processes

  • /tmp/94e9f3e30e2cdf962c50c01a8c844198_JaffaCakes118
    /tmp/94e9f3e30e2cdf962c50c01a8c844198_JaffaCakes118
    1⤵
    • Deletes itself
    • Reads system routing table
    • Changes its process name
    • Reads system network configuration
    PID:710

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads