Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240729-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu2404-amd64-20240729-en, kernel:6.8.0-31-generic, locale:en-us, os:ubuntu-24.04-amd64, system
  • submitted
    28-07-2024 10:58

General

  • Target

    15d7d5ed0770bea64de8c6fc5f1aa8a9_JaffaCakes118

  • Size

    1.2MB

  • MD5

    15d7d5ed0770bea64de8c6fc5f1aa8a9

  • SHA1

    6fd8de0e4d7f6e3e38498305bd828450061d4b87

  • SHA256

    e525841479449346cdd2c0bf6c94f3df4c9ac540b8ad1c0191a4d5b58449c7e9

  • SHA512

    cd6ff4216fed9c3289fe3989a142d72bca653fe1bc89216943673d5e3b2b7f0381d8703cafabae959108ff62370470bdce91de6915a999b53941ee5234f06fd3

  • SSDEEP

    24576:e845rUHu6gVJKG75oFpA0VWqX4G2y1q2rJp0:7451RVJKGtSA0VWqoVu9p0

Score
7/10

Malware Config

Signatures

  • Loads a kernel module (43 IoCs)

    Loads a Linux kernel module, potentially to achieve persistence

Processes

  • /tmp/15d7d5ed0770bea64de8c6fc5f1aa8a9_JaffaCakes118
    /tmp/15d7d5ed0770bea64de8c6fc5f1aa8a9_JaffaCakes118
    • Loads a kernel module
    PID:2398

Network

MITRE ATT&CK Matrix

Downloads

  • /etc/init.d/DbSecuritySpt

    Filesize

    64B

    MD5

    054faf776085ab65b6837d85bed4db57

    SHA1

    65f2a0697f91be43de742bc7c72047bc2a0ed083

    SHA256

    bcd4be81935fb7ba9b5334c0705651d4ae05bad041e0a7e72e5e38a2412918a9

    SHA512

    15dd9a65a264b526df051d5cfbe41fe334bb94a466a35e9aaeb82f5694683abc408ac82c7d5fdf61bbc84ee3ffb1a7c17be72dafd9624b6431e3ae240cfcce36

  • /tmp/gates.lod

    Filesize

    4B

    MD5

    03cf87174debaccd689c90c34577b82f

    SHA1

    3f171a3711d4b1ed7061f8a4f63bb5f193594450

    SHA256

    8350242b2df439d296a664c7c59b117507d0b3c537fa293304c84d84eb85cc43

    SHA512

    27ad003caa29e4efe7d3eedb467941f665c16f41bc074fcceb4897e958938f34debb67c2298e7f5573d43720aa0153317bc10c8e289238d1a32178b3c0232868

  • /tmp/notify.file

    Filesize

    51B

    MD5

    b7b6ac10fc557acee75d284421f71651

    SHA1

    d7e0e231710abb47a55d2b82ee5af2c18f518f7b

    SHA256

    a7fa300f87ec394f9234aa689fb8b125ac4c97632f1805a13636fdfdb6851a42

    SHA512

    1515f3dfb6ad100d689b9623de63ba5c5c8a620ca7a51726489123cf54ee6739a8e105b413624584aa72511cd935af9a44b8f79c0273b61436d7a18cd03a9a8d