Overview

overview

10

Static

static

10

6443e7a889...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240729-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240729-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    29-07-2024 22:25

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6443e7a889243e90894cc1b20b9db80c_JaffaCakes118

  • Size

    1.1MB

  • MD5

    6443e7a889243e90894cc1b20b9db80c

  • SHA1

    ad1635978ffa236b3b21ac8e8136634d710e2472

  • SHA256

    ae84110d5e188105a4eae4735c3c8cd6159ebc930820b3d681983cbad4f56fb2

  • SHA512

    91245d22662fa331247c5e802f5789f85fe6e4e586c9e319dbe030ea298ebbe76ec1a7b1dbec54f0bca571ff4c6c78f09df8892e49852df1bfe5a1ae32f1ab5a

  • SSDEEP

    24576:4vRE7caCfKGPqVEDNLFxKsfanI+gIGYuuCol7r:4vREKfPqVE5jKsfanRHGVo7r

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 37 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/6443e7a889243e90894cc1b20b9db80c_JaffaCakes118
    /tmp/6443e7a889243e90894cc1b20b9db80c_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2442

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    8e82a485ce6c6a08370e2f24a2ba6463

    SHA1

    acb5d99b4a0bf6d4f3cd57d9b11f7ee77aa4a437

    SHA256

    d7c35cc709d2200e757945ba14ae66e051b7524ddfdf764663f9855c3d6b5754

    SHA512

    f5b8281eac0002b9c6c3a1101eaf865f8d1253fe6a09ee2e127ada000a59e8d9fb545e3460c6a37e5d328f8d97e213372736c34c5e9d15d23899453e9c8c7e45

    Download Submit

  • /tmp/gates.lock
    Filesize

    4B

    MD5

    24e27b869b66e9e62724bd7725d5d9c1

    SHA1

    c34ec402e72c47668075c397d1dd50896438c0a3

    SHA256

    6c16cc05218d7208044e08025f04d8fcc50e8cc7fb05bb1bb83fec12f575932b

    SHA512

    18edf1e2a2054f278145c763eb6fc4470d23826f6066b935da1213b1215c49a05f263e59121b9f0f2dc4be16aa2a5e46517d8e6f5270fea6c3f63cd3851234d0

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    0278401640bb25347868d6f50a37c49b

    SHA1

    5e8f814732853b01f433415234565cec54b4a7ef

    SHA256

    3877c92bf6974461f94d910e4986453bacbad4c6af8f5a6df8a06d845717cb6c

    SHA512

    1b61149b918ff7524b5fffe1c19e04b3a05efccf8dca8c0881893290dbde62a9d802b9df345e74bb8cb75b865f3467ac272f1e85a2fb1523b8ca9a37a1b46149

    Download Submit