Overview

overview

10

Static

static

10

385c946e31...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240729-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240729-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    29-07-2024 04:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    385c946e31449e654fe0bca1b230c979_JaffaCakes118

  • Size

    1.2MB

  • MD5

    385c946e31449e654fe0bca1b230c979

  • SHA1

    6557d2037b844bb394bb3af601585fdf70c6a4e4

  • SHA256

    3aa34db96043ec767fe7f925de97a4d2dc074ca393e4ea3a9cb9e10447883e91

  • SHA512

    fcbd80974f1db8ae94e2ad767da7d7107c0abd456a1b5ce170b52aee1ad36382576e597c043a0ce22b31e92fee5b1f2954044fb735025b6e7219361ecf54dc7e

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX4C2y1q2rJp0:745vRVJKGtSA0VWeoxu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/385c946e31449e654fe0bca1b230c979_JaffaCakes118
    /tmp/385c946e31449e654fe0bca1b230c979_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2422

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    dc98fead51a3a7ae08ca95a18857d2cd

    SHA1

    1a03f6db83c3b3bbf720721dfb5678b8a1f73931

    SHA256

    28a8472f2c406cf8deb7f5e297a09a8c4669d134a3903b193bfa3deead3ad459

    SHA512

    4a2182dc05a297ff2adc8ec88a6ce57057ffeb9d77555a6b64069c0c5493de61316e4705701ce484a97c0338ac0fae91b3b7cb75c43b51542543b296f9224cb9

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    4a06d868d044c50af0cf9bc82d2fc19f

    SHA1

    96327d5521a52aff95ad8066420f715fdd0d2561

    SHA256

    aa82088246685c17ebf16d48877686b831ed384ffdc42e76494283c271704d7a

    SHA512

    c560d38ae448056290da9062dd353accc4c4b321d1bac276a15751ae0ca78ffa6213246a75df24fd983e47d7dcda4ff37b79572837db385d94cb934c9d8e1e7f

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    82cd89ea4a61e3ad253c51f693170108

    SHA1

    0ae4d597e7b0c2235f5c17afa8f56c4ced0cd511

    SHA256

    71ce1268478226dd355593f7577b3c906d9fe20d9f5f390e15ac4fedbaa07cc4

    SHA512

    93fb2d32a88df3a0000a328cf61936a1f8d45ef4d8fb5314cd18efaa2e3ec52442b068d40df22600fb33fda9e71219ca3906030399b68f6cfc2a9f86bf617d03

    Download Submit