Overview

overview

10

Static

static

10

6205df8b07...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    29-07-2024 21:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6205df8b077b2ca968077127dd03ab84_JaffaCakes118

  • Size

    1.2MB

  • MD5

    6205df8b077b2ca968077127dd03ab84

  • SHA1

    4db1c73a4a33696da9208cc220f8262fb90767af

  • SHA256

    da2a3acb7a40ceca3d89f84583703ddc1003a5448e9b1dcda7dea986a4d84f82

  • SHA512

    9b0ec70890246e2cde9d2df1faabac9fabfd9fe80a7649200f4ae9b81dcbe9cd7c0788fac19ebd5e05be1475a62ffa3b0df0fc0b278894aaa66d996792a4d7b7

  • SSDEEP

    24576:e845rlHu6gVJKG75oFpA0VWEX4G2y1q2rJp0:745wRVJKGtSA0VWEoVu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/6205df8b077b2ca968077127dd03ab84_JaffaCakes118
    /tmp/6205df8b077b2ca968077127dd03ab84_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:4066

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    97ec7d1e85e3b38294bbaf3cf8cbcd01

    SHA1

    9a0977e43dd1bc6d7679eb4deaeca05f604b070f

    SHA256

    0e9b1ac17be1175e0b950c9e81cd8ad89beae4f9c8ac704195045da7d5d33eb1

    SHA512

    279c6971e9786cf58a61d596cfbe48713c0ce78011d6a0f2219571a625d2134000f199793368a72d484756e3ac1b4468ddaada6caaf2c9580bb8800c656c706f

    Download Submit

  • /tmp/conf.n
    Filesize

    73B

    MD5

    65201466b4040c1e2df1008ee91229a3

    SHA1

    9a484f7abd4539f24cfac1f84ecfe9a8dceaf6b5

    SHA256

    603597f717b08122e7c18e1b2fcba6ab824eec5ab6110cc72544cde516d364e3

    SHA512

    f24a6300f17443f9aa7221dfbdfbc68d9088080b95fb9826822e99256a7c8b66489771f8891935e03462439add560be29f807c796eee56fd9bf24c1b5a8268ff

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    fa8dbbcb682699544e4e8f2212115f73

    SHA1

    2f5c5528c998eb5073a28d61fea9d36ab2323040

    SHA256

    b55184dec351ac66077c7a41b0bab64e34b7619517ab46b3d93b6f4a9c981888

    SHA512

    6d7b75a2561d4065836d9159b714c6d7c6a29adf404d5f0a44bf442f6ee80be74f37d9ca3120ca2b81334f39cc14baa1c4e3de3f5923107c37332e53abdc7d9a

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    9e5f04564a3816861546bb6a42930a8b

    SHA1

    cc71746435e59ed105797bc6617221be96a8159a

    SHA256

    529c72e296f8d2796e649affc976250ee977dd3275ca868bf5effd01e74b8964

    SHA512

    3ab278b7bb4424d45cde646b1f385e1fca3654edf3da476dcbe491770d52aa3e6f83b0c6be59fa0b438d52b6671241bf2147d230f12eee2e277f9e400955abda

    Download Submit