Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    debian-9_mips
  • resource
    debian9-mipsbe-20240611-en
  • resource tags
    arch:mips
    image:debian9-mipsbe-20240611-en
    kernel:4.9.0-13-4kc-malta
    locale:en-us
    os:debian-9-mips
    system
  • submitted
    14-12-2024 14:05

General

  • Target

    ef215bf96b2be1b7631c1151f9d159f6_JaffaCakes118

  • Size

    37KB

  • MD5

    ef215bf96b2be1b7631c1151f9d159f6

  • SHA1

    e2b10b00b947f9b2122cf7dddefcd1e4ca4d5d8f

  • SHA256

    9f3a25a217bdaa28e9a6ea433d61c03c89474285da0dba374f3e48ebfcc73e99

  • SHA512

    dc8af7eed3936e17dd1ce28e017fb9a39232438b1753144a95f3375a978108b5462ec8990f4038fa31b8379cdb78353c2dfbdabe2976204ca4ecc56368dff4e4

  • SSDEEP

    768:Q/LL8N4VVnIce8sdNV9DRfJjXFnC5fHnvoovNYyU1uUOo/dNZpg7JmtmpLJlo/Co:8LgN4VVnretv9D5JjsUtK3HukO

Malware Config

Signatures

  • Contacts a large (23822) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

  • Writes file to system bin folder 1 IoCs
  • Changes its process name 1 IoCs

Processes

  • /tmp/ef215bf96b2be1b7631c1151f9d159f6_JaffaCakes118
    /tmp/ef215bf96b2be1b7631c1151f9d159f6_JaffaCakes118
    • Modifies Watchdog functionality
    • Writes file to system bin folder
    • Changes its process name
    PID: 694

Network

MITRE ATT&CK Enterprise v15
