Analysis

  • max time kernel
    120s
  • max time network
    132s
  • platform
    ubuntu-22.04_amd64
  • resource
    ubuntu2204-amd64-20240611-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu2204-amd64-20240611-en, kernel:5.15.0-105-generic, locale:en-us, os:ubuntu-22.04-amd64, system
  • submitted
    18-12-2024 15:23

General

  • Target

    fc16bb64d04f187448009a1c35509d91_JaffaCakes118

  • Size

    4.5MB

  • MD5

    fc16bb64d04f187448009a1c35509d91

  • SHA1

    f1236e9448b0e70669a01623720234e5f3a74656

  • SHA256

    4691946e508348f458da1b1a7617d55d3fa4dc9679fff39993853e018fc28f8e

  • SHA512

    8b6f15c5b31074f48f2286ce2515f06041ee159ec8f9a4951ee8e0976548502eb9fa90e7c3eff387c9be1bb6f181df0e9627c7b94165b4e8338faa7028d86e37

  • SSDEEP

    49152:DpP+u5RDaXyLBreNEDx75Ua9NeAcFwMDxHjUCXOAWPRtMLH42bT2ADWM2tJ11zqq:ZEfNEbUNFwuHICeAfLY2gM/i

Score
3/10

Malware Config

Signatures

  • Enumerates kernel/hardware configuration 1 TTPs 1 IoCs

    Reads contents of /sys virtual filesystem to enumerate system information.

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/fc16bb64d04f187448009a1c35509d91_JaffaCakes118
    /tmp/fc16bb64d04f187448009a1c35509d91_JaffaCakes118
    • Enumerates kernel/hardware configuration
    • Writes file to tmp directory
    PID:1578

Network

MITRE ATT&CK Enterprise v15
