Overview

overview

10

Static

static

10

3b073e6f7b...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240729-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240729-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    29-07-2024 06:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3b073e6f7be8f29c8887446530a1e188_JaffaCakes118

  • Size

    1.2MB

  • MD5

    3b073e6f7be8f29c8887446530a1e188

  • SHA1

    e7b3619d9221a30bb6eaa821f58a1a03b82fc8b9

  • SHA256

    af21a50bf88908f65ad0a91461ad31ba4b5f6e581b7aea11559d0d8f3ca76891

  • SHA512

    9b23559826f449611da381cdd754e891dbb009067138b23cee5f82baf78bec2fe662b9e1562519db56969e4c774c59eeccad71b5ec6fd10f02cd03569fa3fbe6

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX452y1q2rJp0:745vRVJKGtSA0VWeogu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/3b073e6f7be8f29c8887446530a1e188_JaffaCakes118
    /tmp/3b073e6f7be8f29c8887446530a1e188_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2426

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    a7be1b0462f18d532fce2fd94b89fb91

    SHA1

    2ab64f96206b7e888bfded329b09ad032936d34e

    SHA256

    b517b739f8e2cbec73f0d3734c574049021b4d8c11056687b72c559d21a83dc3

    SHA512

    6c39f2d0ca366652d1ed0d0fe9d6284f37b61d133d0f208af4a1124a5e132d8cc007a5ca905e23e0006b0933870d891e78365319244905400d99aac8a7f3aca6

    Download Submit

  • /tmp/conf.n
    Filesize

    73B

    MD5

    08ae2f4728f558132c0ef36765831968

    SHA1

    a119f6eb800fd68eb69d0d51e5da022cc51b9778

    SHA256

    346ff0a39d52b72334f2a1326f47b1abf0a822bc24723eaa8c94fb79a78010ec

    SHA512

    c7745c35c24338a771d5e191e4a19e33aea6ba1a06519fcf0b8ced7e9089c4f853b55287a6088d2eb6d755109454e1416cf2011db6db0dbc2f9140e6fc1340dd

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    cc0991344c3d760ae42259064406bae1

    SHA1

    de35063a36ff0e4fbdb75c337589668ad4de8374

    SHA256

    3d93ec274ab8ebaa470a8294089ff8a2936ce457c7e0f8465a74d7dffa3df320

    SHA512

    e9fb21e9b7cf6615a9dfd514ed16fa1d9b7c95202f4cbc57c272d09b8c52fad3a79c0dca16f7597d0a77bff99313e41b579c6e239f157e212c16005d902846b7

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    201f659204b5d2fafff59c737c786ea8

    SHA1

    7334769f5edcab9f58d533a9fca86a0378fce8bf

    SHA256

    676cd883f47c40457f20bf40f41009a17be5b8ff1d41f560cc7a7b32b3c9c2a8

    SHA512

    931bb52ec79522a36afe0a21c2b337e3c833e24fb9a8e7c0bddf2f25f56c494f158c5852452e6e2ba692318126c647593d6d1421743289618d157abc14fb32c0

    Download Submit