Overview

overview

10

Static

static

10

42f41ee1a0...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    29-07-2024 11:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    42f41ee1a0df8c4f2675ef4f7d0be50c_JaffaCakes118

  • Size

    1.2MB

  • MD5

    42f41ee1a0df8c4f2675ef4f7d0be50c

  • SHA1

    60daf8d54fbbf4baacdbd95238a36088a2537883

  • SHA256

    f03332a5de45cbee0d58a538e94e1d1416ba8fbb4053892efb7b9e0c8b866b82

  • SHA512

    64350a551f472571e0bbae5fec7385a242fd323c8dcdba7a2cc2b60ca97f306dec72a447397e8633a48e89ba6d559fa96b46591176933b1e844b1c40cfecad26

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX4b2y1q2rJp0:745vRVJKGtSA0VWeoqu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/42f41ee1a0df8c4f2675ef4f7d0be50c_JaffaCakes118
    /tmp/42f41ee1a0df8c4f2675ef4f7d0be50c_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2489

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    157cf7e517096a9976758771e73718ec

    SHA1

    9d5b183575d9ccf89a22dfcdfbc31aaccdef0352

    SHA256

    4d42d1ab8dc00df50c33abbd946e857f3eff76db3990582a29dd0d19bd8f4a77

    SHA512

    9a200d09ad6d788a6aef49467d94406479a50942ff7e4dfed50ba8728b6c990c98ce2f62988aa978221881cb6b9c0fd2b0157f29b54964da8068aa9864893313

    Download Submit

  • /tmp/conf.n
    Filesize

    73B

    MD5

    74efbb3606608a8d5dbc8c9dd7267b8c

    SHA1

    0559beb1c25400b33187bce43a529be55a77d981

    SHA256

    9deed24cd195b934e0162766aa19c11e8ebb8ebe6d73af6f2fdcd23e80ce1a68

    SHA512

    95eb0d723142c128acd7c2a8291fb35d136254abc5f8a18c4ed0aa7e684aee4897f4f3343084c67e21283658b0a8d7cf983ac5c54dcc464f326b4f3f710d6810

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    01a0683665f38d8e5e567b3b15ca98bf

    SHA1

    82f752807893c63f06db6a25fe56160403214fb3

    SHA256

    dc7d6256d124bcc9244d6d0e437beabded4b25d4fbf77ccb595375b8f5f1e903

    SHA512

    856e740801bf35defc00762472a14cdd4aae90fdf63b6ba5dc04ba831c1a61cfa24a34fe85ab1791bed50668ee6049c7707b17207b5e6f6076995abed723eb57

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    57e00337da7c2f7387228eaf8379a233

    SHA1

    f6191b9beafd93abc503d8499496f189192de122

    SHA256

    f622c35b77fd385898a449130d294b569882dc7694fbfdd583c26a83699e030c

    SHA512

    4562c74e3ded699ce835f0fff6480d3eca20fa7d802fc77c31d44d221a304298910e9fc23e3833d987a5d7587aadd625852bb5f4f77fbc9acfc207e3dfb5414a

    Download Submit