Overview

overview

10

Static

static

10

1d2dcd8b3d...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240729-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240729-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    28-07-2024 18:44

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1d2dcd8b3d56624c439761ce3379d062_JaffaCakes118

  • Size

    1.2MB

  • MD5

    1d2dcd8b3d56624c439761ce3379d062

  • SHA1

    9199260958914f47a1a3991e0065b85d7e750dd6

  • SHA256

    c9c78892148bf3d88c6b40ed6da790518ff5ad2b52ca0b59e5aad30a9413e75b

  • SHA512

    d43e0baa4c8b04bafbc0a0ac2464bf3c7304705296590a9dae91cfe3dc59d02bdaf4186336c869da18a54d71aeb36d3abfc7a0263b7dd4e48a3f86dc4be9f904

  • SSDEEP

    24576:e845rUHu6gVJKG75oFpA0VWIX4G2y1q2rJp0:7451RVJKGtSA0VWIoVu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/1d2dcd8b3d56624c439761ce3379d062_JaffaCakes118
    /tmp/1d2dcd8b3d56624c439761ce3379d062_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2442

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    3a78dfefad322bedac2b9c942357a3d2

    SHA1

    2ae7519bfd6851c4e1e90331a4ecc232c665ed2d

    SHA256

    5aab952342e60aa24e701de75c85db5a2825e81df8d8d339978db4d7a3f4cec2

    SHA512

    bee04110bc25a049821c63bf6507e2253ace8cc028893f8426fae19f650a791d1b143aca07a58b7da1a5cc5822d198ef8fa9ae2809da534dc455dec2430248b4

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    2f4fe03d77724a7217006e5d16728874

    SHA1

    4a6bfd1995bc16264467895891165bd2fc50fe95

    SHA256

    d047f40b7ef6b9d2c824260c76a75981dda8d5d3eb2d48262261961d14617d1e

    SHA512

    bae277dbf7eb0bca08eceec467f7e608db172b9f8176dc631042db52dc901519af7b1d0416b91b9b35d149b81f4753188cf4bc147e2a3ea9af1443ef590e68a4

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    2cbe02cb78070afaa2aa1e06a21181f3

    SHA1

    5f8ad0a5447fa0de1a31ab04aaa3efb9445a0bbb

    SHA256

    15ff92d7feeae05a81d6d1f1b32e74680a9d6cbb31fb944de2f9ce4a982e541f

    SHA512

    57e8a9a315935839d23fa8f7104b653cf14230ae8a534b1e4d18a6c8929c28711ed7785b60db6a01adedcab83a415d27ccfb71905857f4320e737003f665afe6

    Download Submit