Overview

overview

10

Static

static

10

0063485dab...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240729-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240729-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    27-07-2024 20:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0063485dab5e75994b2e519aae5a69f4_JaffaCakes118

  • Size

    1.2MB

  • MD5

    0063485dab5e75994b2e519aae5a69f4

  • SHA1

    827ec19796cffb013a8af73cc327896f98cb31f8

  • SHA256

    84e60c6629c00cf51f6e3af75935f728bc8f8f9a1d8a09bf8fb4683ae0c16489

  • SHA512

    7227238ec406b7ba2f8c2313f142ef3d2660826709ae0bf89b99056316c97c7df70d2ca41d528452ca28a7c42485cdfeaf40e767eea172cb2954984fe03b1c9f

  • SSDEEP

    24576:e845rlHu6gVJKG75oFpA0VWHX4G2y1q2rJp0:745wRVJKGtSA0VWHoVu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/0063485dab5e75994b2e519aae5a69f4_JaffaCakes118
    /tmp/0063485dab5e75994b2e519aae5a69f4_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2422

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    8ca16fd2e79b87bf71e507e0a5890ee1

    SHA1

    4130e561a3bf14ccf1571628ee81d05cd1c3f6d2

    SHA256

    24d7cf0c03248d75e9fd49f682dd5ea8cbe2f00183bd0004a0a3367f58c4983a

    SHA512

    0de4a0a9ecce7699cd1d23bf9a543033eea2c4f66f29bb5f34a3807b81a442d38858d5e15f8c63d16e96ef9e242b6f92781247f5450fde41ec3564f34bc7e62b

    Download Submit

  • /tmp/conf.n
    Filesize

    73B

    MD5

    afa8c73fae30ed7c277d40da7f5d392e

    SHA1

    c07469334afd395dd2733d7b07ac7819250d53a9

    SHA256

    0a108a557985409174786e6b50734bd1fe46e1faa670ddc657d0fe816de67240

    SHA512

    430f398cd7f97f30b8f33e18458acaf18ddc06f431c342211f522b9a680f352e540a46324af5865646fcf701ce76b409adbb9e6c13c008bb82d006ed07142e57

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    4a06d868d044c50af0cf9bc82d2fc19f

    SHA1

    96327d5521a52aff95ad8066420f715fdd0d2561

    SHA256

    aa82088246685c17ebf16d48877686b831ed384ffdc42e76494283c271704d7a

    SHA512

    c560d38ae448056290da9062dd353accc4c4b321d1bac276a15751ae0ca78ffa6213246a75df24fd983e47d7dcda4ff37b79572837db385d94cb934c9d8e1e7f

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    c7387185f4e8c9239f2d21a8f203c7e6

    SHA1

    42776e79ce6b89f2a9faa2567510683a548fe2c2

    SHA256

    6c99516caf0bf2372c789f7301025a0f610b38b9e3142d7a0f2581bdf45a5d44

    SHA512

    61fab75f68bab1a57a1c96b4494c976ac338e38aa3c6d62230164d10e99a442fa2fe7713a7832049733b51fcde58882742001b686fb49fb028ad066ac2caaa29

    Download Submit