Overview

overview

10

Static

static

10

4a21bf0095...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240729-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240729-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    29-07-2024 13:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    4a21bf00956f523f819d6229ed46dc43_JaffaCakes118

  • Size

    1.1MB

  • MD5

    4a21bf00956f523f819d6229ed46dc43

  • SHA1

    b87a5ee7e7c126f32cf9459f75565da60ba51a99

  • SHA256

    f974ea63526356d1cab4efb1b5f091b4e8a39efe4cfd41dd628328c725957ac9

  • SHA512

    c9968aa48b528d3941883a76d376b03c72b3a5003cba33efa3a65c139eb40621e6f53bdb13e4df048ae7cd2ed5b3f76d6914b12ff5504996092e8507be9114e0

  • SSDEEP

    24576:4vRE7caCfKGPqVEDNLFxKsfaxI+gIGYuuCol7r:4vREKfPqVE5jKsfaxRHGVo7r

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 37 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/4a21bf00956f523f819d6229ed46dc43_JaffaCakes118
    /tmp/4a21bf00956f523f819d6229ed46dc43_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2460

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecurityMdt
    Filesize

    64B

    MD5

    1d3614f7417025c74749578257b17583

    SHA1

    03a07dfb1ea185bd9fee7a755aa8f70e895485f5

    SHA256

    1a72764cbb34045d7fc3a848f0f7f5c83b356cc3ace50c1ee6f5328cdbdbbeff

    SHA512

    aaf5837a3054242179b02074351c1d883e30e3f5ba76c3ddee188507328f6231d2504b0cf5d2e42578e8baa5bf9e22568a13377de85a165303b64d93be46002f

    Download Submit

  • /tmp/gates.note
    Filesize

    4B

    MD5

    cf05968255451bdefe3c5bc64d550517

    SHA1

    3413b8533e826b3f881a50cef818b60da3c23659

    SHA256

    a1e2bd5c65064ebba3b2e01115e719eb8c83551ca71a9bcaf3bfd2e746c783c0

    SHA512

    cef36924c7f2df28a4e0e4722ac172a211dd24b4d9e95e609fe3f6c2e46d4a6defe65544cd105f3f9fd2803b2e895f7ebc9b45c1744c79122f0159d28d5ad027

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    60c0f1df7a7cac8c8100eab5528f170e

    SHA1

    f0415b92b0a1d3d4f886f56943204f1c68310299

    SHA256

    1be98fe3373f0550b2d6cf77f921e4ba5af131b12f5c4efb42fbf51b43183ed4

    SHA512

    dbe70a13d13ccbf7f25620a0a070446b1b0d06fe0682e1a8eb665ac1890b9226a337bc490e4753b8361743c72ed22529345b3694da7a2de96bcc042b9cd95812

    Download Submit