Analysis

  • max time kernel
    145s
  • max time network
    133s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240418-en
  • resource tags

    arch:mips image:debian9-mipsbe-20240418-en kernel:4.9.0-13-4kc-malta locale:en-us os:debian-9-mips system
  • submitted
    27-11-2024 18:32

General

  • Target

    a91e67da3a013f1ddfe08d50a7e15775_JaffaCakes118

  • Size

    151KB

  • MD5

    a91e67da3a013f1ddfe08d50a7e15775

  • SHA1

    2e7bde4a9577a89af7551c5be78bae4509704c30

  • SHA256

    787af360b7e7832de7d2b0b01c87e72b194a055c2047d1ce0d6abd0aecc082e2

  • SHA512

    1006da7d26a7246f76dcc22eb1fde4a399dd69791e87c0257623cbd4a46a7f4843b51b2a798ddcfcc4d217e77293898b4d2062658e55b30bc58392a23b2b446e

  • SSDEEP

    3072:JW6dm9tS1aRGQdK76t/zCPI5mrThPaLEnvPrNb:c6IG+LCQmrThPaLEnvPrNb

Malware Config

Signatures

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

  • Reads system routing table 1 TTPs 1 IoCs

    Gets active network interfaces from /proc virtual filesystem.

  • Changes its process name 1 IoCs
  • Reads system network configuration 1 TTPs 1 IoCs

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/a91e67da3a013f1ddfe08d50a7e15775_JaffaCakes118
    /tmp/a91e67da3a013f1ddfe08d50a7e15775_JaffaCakes118
    • Modifies Watchdog functionality
    • Reads system routing table
    • Changes its process name
    • Reads system network configuration
    PID:738

Network

MITRE ATT&CK Enterprise v15
