Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64 arch:i386 image:ubuntu2404-amd64-20240523-en kernel:6.8.0-31-generic locale:en-us os:ubuntu-24.04-amd64 system
  • submitted
    29-07-2024 17:38

General

  • Target

    560c5c7cc6092ae3e64d95451ca20d9e_JaffaCakes118

  • Size

    1.2MB

  • MD5

    560c5c7cc6092ae3e64d95451ca20d9e

  • SHA1

    23cf123b94b466ac3a88d0ba6314d8d86ee2c351

  • SHA256

    b13386fda628640b3c53db11bec67fbbc3bde78e42b780c56737ead5251fa846

  • SHA512

    d286734990ba172334703d89bb014ec167f9c5ca971514fa0a304d4b4c4889c794c1722a28aca2489c2cb4c42151011bab3698d329eafc07e035989ce6de43b8

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX4/2y1q2rJp0:745vRVJKGtSA0VWeo+u9p0

Score
7/10

Signatures

  • Loads a kernel module (43 IoCs)

    Loads a Linux kernel module, potentially to achieve persistence

Processes

  • /tmp/560c5c7cc6092ae3e64d95451ca20d9e_JaffaCakes118
    /tmp/560c5c7cc6092ae3e64d95451ca20d9e_JaffaCakes118
    • Loads a kernel module
    PID:2476

Downloads

  • /etc/init.d/DbSecuritySpt

    Filesize

    64B

    MD5

    6c6e94bb8e2824e237f914eeebd8c35c

    SHA1

    f9253f6c6b5c9d3da30e92890e2fe256440d90b9

    SHA256

    e948a9d22152de663ea102d37570fb342c3df948fde41f03bf9ae9e7db0908fd

    SHA512

    e5ea676f5a928b35e6c6f17d454798c09d863ed297140760798ffe5f2489bd6e977ff17a70005a28948299098907015faea33f2b8f5b5cf83c5b105804aa1fd4

  • /tmp/conf.n

    Filesize

    73B

    MD5

    1e45e1b3598ec16292269c28b19243f9

    SHA1

    a3b2cb046bccc74dd7a06667f53a97f525fce860

    SHA256

    83ea3bbfc2daeed1029dfc8a37cb3f0d70afdbda48a8e1eb659f605d7bfb8bbf

    SHA512

    d929fa04e2dd9d9ca5471bf7b25a7cf590c1087432ea4e8055e55f288a0587b1bb8e10cf90c8d53353c32a56ed9bdfeb027d841dac3fd98c42665e2f6b5ef8d9

  • /tmp/gates.lod

    Filesize

    4B

    MD5

    53f0d7c537d99b3824f0f99d62ea2428

    SHA1

    fd036c77bc43059b0dfa9067039290b8f17440e5

    SHA256

    aabbb2bd43c0fb27462f139e0274faa6c3a5c6d600e1b2fc6d3c96c18503607e

    SHA512

    f934b9aec051382903f7bf391e6ea8d79771c4d95e804f47ee016b69985af5d651003595dda29c494ab592b0928dca406bdd56fc1352f5d471ab3b86f4dd9813

  • /tmp/notify.file

    Filesize

    51B

    MD5

    29b17609a27d98fc7d9519d611c2a3e6

    SHA1

    a2200dd1b898cddba00118227bdb098f6a0cc0aa

    SHA256

    a129ab63f22afd4f903a7308abceedfdf57c57cd92873814346e303d0740f6e8

    SHA512

    1e91d2aec5a999ddb15a42eb147e40fe327c15adbd30f5ba502a42be1595a613447db405d56ce4cb78aa668f15526ca2ce55ca91fb12417131ffaffe93bc1a89