Analysis
-
max time kernel
120s -
max time network
132s -
platform
ubuntu-22.04_amd64 -
resource
ubuntu2204-amd64-20240611-en -
resource tags
arch:amd64arch:i386image:ubuntu2204-amd64-20240611-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system -
submitted
18-12-2024 15:23
Behavioral task
behavioral1
Sample
fc16bb64d04f187448009a1c35509d91_JaffaCakes118
Resource
ubuntu2204-amd64-20240611-en
ubuntu-22.04-amd64
2 signatures
150 seconds
General
-
Target
fc16bb64d04f187448009a1c35509d91_JaffaCakes118
-
Size
4.5MB
-
MD5
fc16bb64d04f187448009a1c35509d91
-
SHA1
f1236e9448b0e70669a01623720234e5f3a74656
-
SHA256
4691946e508348f458da1b1a7617d55d3fa4dc9679fff39993853e018fc28f8e
-
SHA512
8b6f15c5b31074f48f2286ce2515f06041ee159ec8f9a4951ee8e0976548502eb9fa90e7c3eff387c9be1bb6f181df0e9627c7b94165b4e8338faa7028d86e37
-
SSDEEP
49152:DpP+u5RDaXyLBreNEDx75Ua9NeAcFwMDxHjUCXOAWPRtMLH42bT2ADWM2tJ11zqq:ZEfNEbUNFwuHICeAfLY2gM/i
Score
3/10
Malware Config
Signatures
-
Enumerates kernel/hardware configuration 1 TTPs 1 IoCs
Reads contents of /sys virtual filesystem to enumerate system information.
description ioc Process File opened for reading /sys/kernel/mm/transparent_hugepage/hpage_pmd_size fc16bb64d04f187448009a1c35509d91_JaffaCakes118 -
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
description ioc Process File opened for modification /tmp/fc16bb64d04f187448009a1c35509d91_JaffaCakes118.pid fc16bb64d04f187448009a1c35509d91_JaffaCakes118