Overview

overview

10

Static

static

10

57cdc48eaa...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    29-07-2024 18:20

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    57cdc48eaa07c06e05e40a6ff4f91152_JaffaCakes118

  • Size

    1.1MB

  • MD5

    57cdc48eaa07c06e05e40a6ff4f91152

  • SHA1

    73aa4491cc45e5bb2c124dea5f899bfbbb7b3871

  • SHA256

    e242b05592dd0460ba7ff61fc458af4c41eac421d770a1a5f24bf5c81a6f1a74

  • SHA512

    ccbbafcdb90bd58ebf773d3eb358efff9612346a91197b817d40d19d93db3f4fef9c856fb55162380217af3f78c21caee6adb5f3d1a26719f7d730c85c2a8b98

  • SSDEEP

    24576:5ajGoPkpF6jxtFJh/zRgQ4CkIWFNEm7YZPSlJcsZvp2wL1:kkpF+jj1gQ4CrIEm7YZ4Jc8bL1

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 37 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/57cdc48eaa07c06e05e40a6ff4f91152_JaffaCakes118
    /tmp/57cdc48eaa07c06e05e40a6ff4f91152_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:4063

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    76f935b538011310e88d355b228cc091

    SHA1

    fcb3747acc963869186088b62ec06bf93d98c10a

    SHA256

    856cef973eb6c62dd429a941bb0b7bc16e0217dee597adeb04f49a4db890dfec

    SHA512

    c4b7c3ec2eeee0d36838e54e52eda58282ca23f6e365661dd914bcd4a5c00963d4279710e547fe6dd41dda248ac5a5d4943ef97d7b0267c9ba738e1d78288e64

    Download Submit

  • /tmp/conf.n
    Filesize

    69B

    MD5

    3bea630234194a8ad5c4e3576c8e17d5

    SHA1

    3bbc9f580478142c89053e273e5a4dbf5fc8587f

    SHA256

    c969127dd5fb5280618ccf9650eff64a22f6a07e4d4adad42ec15bc1b9090f53

    SHA512

    65b5b9cb075a7d70781cfa465385e51db11a97d206c592af04b8f868ad41bf8168a076e3e6e55f8b9b58c2d38a7131dc89727c5db4e7862a9ddf6947de66ffd9

    Download Submit

  • /tmp/gates.lock
    Filesize

    4B

    MD5

    a19883fca95d0e5ec7ee6c94c6c32028

    SHA1

    352e04be1f73fd02137de7409de203acf127a3a7

    SHA256

    99d344d4dba211c90671a24e7e9c78997852d0e1ded16c250539142881f254e1

    SHA512

    943d76e86328f5cd75ee6739599b94cdfba5ed96d7af44c723b36f63719f81f219aff5cfb91c33abf66f95691bce1f18a8d8007eab8f74ce43a83f0e2bce4f84

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    e9a3d3f0152a5abf1961c9e4accd08ba

    SHA1

    2c6dddcf165790e49a8e602b1bea470d6f364b7c

    SHA256

    2e3daedb1cdaa1c4bef874d4f39350ce277b9332715b7de8ee77062b0091405c

    SHA512

    201a5c05284aca551f26068ca2883e70898f402f99791664e72ff1a31a9ba964a39a2600b5dd4ab5ebdf83c7516935250e7628cefa38d451321c0c9563a157fa

    Download Submit