Overview

overview

10

Static

static

10

2812cc3ac9...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240729-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240729-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    28-07-2024 22:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2812cc3ac9c7bee252ab70fe9558018d_JaffaCakes118

  • Size

    1.2MB

  • MD5

    2812cc3ac9c7bee252ab70fe9558018d

  • SHA1

    f47bfe1d2b304e4922ce9dfcab5e7c1ee426c48b

  • SHA256

    0f1479386618e132bd51440cb400ad376868a7e693e2ec491d5ac2290be80500

  • SHA512

    ee30a36afeca76c0327d8fe9ebdc863a2996bc1162ff5501dc96205b91f7fc921afef0aa13423ed6aefa0bb85e98650d8447b726ee5addeec35564fb0ab9cdb8

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX4P2y1q2rJp0:745vRVJKGtSA0VWeouu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/2812cc3ac9c7bee252ab70fe9558018d_JaffaCakes118
    /tmp/2812cc3ac9c7bee252ab70fe9558018d_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2398

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    3b6ded6cb39c3209462ed75e40cced91

    SHA1

    ed0a0c73eb9feb663fe183765b93f88ef5f1e81c

    SHA256

    0ddd99f05bf165c91b6e5af42878f8f20c0002a111035223752c7c722e6a3b48

    SHA512

    8da4ea01fd1189e1177dfe554ca4b44f03245f3cb3799b7d99e63ca7faecabe3afe5c39b50e195f3db4dd20308f614772eee7246018744935caf3b4a73824b6a

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    03cf87174debaccd689c90c34577b82f

    SHA1

    3f171a3711d4b1ed7061f8a4f63bb5f193594450

    SHA256

    8350242b2df439d296a664c7c59b117507d0b3c537fa293304c84d84eb85cc43

    SHA512

    27ad003caa29e4efe7d3eedb467941f665c16f41bc074fcceb4897e958938f34debb67c2298e7f5573d43720aa0153317bc10c8e289238d1a32178b3c0232868

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    9acaf2f9178a06792562ab233a1a37a9

    SHA1

    99dc5a7ff7d71ceb2e95c4c9b9284e1bfcb73d6d

    SHA256

    a12e2b632c8ff78e245b2a216821f7989339fd6934547c0e3c9a7243fc84ffe3

    SHA512

    a6d3c7053fa4bc1706651ada04ad86e55f1d34906875118eeaac785468d5930327ca066081418b1d5c7ae987e37f3a5aaad156e030e3b7249c750b0d351c9b98

    Download Submit