Overview

overview

10

Static

static

10

4567a42d04...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    29-07-2024 12:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4567a42d04d81239d9ea709cadda13c2_JaffaCakes118

  • Size

    1.1MB

  • MD5

    4567a42d04d81239d9ea709cadda13c2

  • SHA1

    880ef06a495083215aceb9e463b62ccfe8c62368

  • SHA256

    5c65b47eb464f29b91d8faa6d765b12318426d96e754d94eff7070961a616825

  • SHA512

    9ec48b2785d5789474cfcbfcb8135a7e61594b4420863c9dc98702baa96f25de380f0581f6e59af8c1a89c02ec5c154095479f1f4ef626b9f4333a9ab9a62dbc

  • SSDEEP

    24576:4vRE7caCfKGPqVEDNLFxKsfaeI+gIGYuuCol7r:4vREKfPqVE5jKsfaeRHGVo7r

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 37 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/4567a42d04d81239d9ea709cadda13c2_JaffaCakes118
    /tmp/4567a42d04d81239d9ea709cadda13c2_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:4061

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/VsystemsshMdt
    Filesize

    64B

    MD5

    3cfbdf964f5cb27df378935815545209

    SHA1

    6c028081567f24ae0225cf7fd5e057ae287ff094

    SHA256

    fdc20ccf56b2484a44b84b061ce661ba2b3fa1914bfd998e580e32f243a83c59

    SHA512

    bbd3e9f83306d3b806184df5442b83543500b7b47b5dd0e7d65c85e35c6096135c11dd1b17998c2864597a62c5191ec986e069003e5592e25ce000d90d2c980e

    Download Submit

  • /tmp/conf.n
    Filesize

    69B

    MD5

    3bea630234194a8ad5c4e3576c8e17d5

    SHA1

    3bbc9f580478142c89053e273e5a4dbf5fc8587f

    SHA256

    c969127dd5fb5280618ccf9650eff64a22f6a07e4d4adad42ec15bc1b9090f53

    SHA512

    65b5b9cb075a7d70781cfa465385e51db11a97d206c592af04b8f868ad41bf8168a076e3e6e55f8b9b58c2d38a7131dc89727c5db4e7862a9ddf6947de66ffd9

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    795a5f17ea99a7951939c155dee76f02

    SHA1

    306c2702b587e1571a4e12f1ad6877901cffd49a

    SHA256

    f963a4957c4c7825784f766deb3cf01f431013a35dfba39c87d9770b4dbaef03

    SHA512

    e23138f4612a07660e07076aca7d2e62c6d048d5defa0228ab3c051dce0e5e17024340da74577320c6976da5e8fdb4f7d9fbc6762df66fca2a03cde2c5ca0ed9

    Download Submit

  • /tmp/vga.conf
    Filesize

    4B

    MD5

    5463b514e21fbd3fec3772fba142a46e

    SHA1

    a095bdda62efcc85c40ac0da068651be98671ef8

    SHA256

    98968c513b70a24d01d5a131d65fa92bdc8c02f4f2d87832267b3fbd00b43104

    SHA512

    a5463a061233cf31ec5c4a0597cb8efc81d099572a62e9768d146784635efc94b5a6fcac765a21deb9df967e3d521ff26489734fc05f1d3cb4c53979b3dad807

    Download Submit