Overview

overview

10

Static

static

10

964170b973...kes118

debian-9-mipsel

7

Analysis

  • max time kernel
    146s
  • max time network
    137s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20240226-en
  • resource tags

    arch:mipselimage:debian9-mipsel-20240226-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    24/11/2024, 17:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    964170b9732e3fded114469494201cb9_JaffaCakes118

  • Size

    151KB

  • MD5

    964170b9732e3fded114469494201cb9

  • SHA1

    0f0f38871cbfdea26c949e3dd6b264e5aa6348e3

  • SHA256

    c74c045c1e82e3bceab83949db3d2f7eab00da95c6ed8c3e92f2fe769b4bc8fc

  • SHA512

    fb195b1147f0023889f3663ab956d3fe116015420cfb582c5f934d5d047c0b6b2a4726219e5f66012de70c08275a87e51225e3dea64c726e9d2df88f76c32a6e

  • SSDEEP

    3072:dgZc9h1jlnLA2PiXYeyCchVNMVGuo9mrThPaLEnvPrNb:dd7lnLA2PiIeyZhVWDo9mrThPaLEnvP5

Score
7/10
defense_evasiondiscovery

Malware Config

Signatures

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

    discovery
  • Changes its process name 1 IoCs
  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

    discovery

Processes

  • /tmp/964170b9732e3fded114469494201cb9_JaffaCakes118
    /tmp/964170b9732e3fded114469494201cb9_JaffaCakes118
    1⤵
    • Modifies Watchdog functionality
    • Reads system routing table
    • Changes its process name
    • Reads system network configuration
    PID:706

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads