Overview

overview

10

Static

static

10

5be363e0fa...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    29-07-2024 19:42

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5be363e0faf3e8ecc4bf54ba66ac8f40_JaffaCakes118

  • Size

    1.2MB

  • MD5

    5be363e0faf3e8ecc4bf54ba66ac8f40

  • SHA1

    f48521b007c49c7c3fe3424819971912f84bf29c

  • SHA256

    23a91d190440fc1c4a8889e2359d593716497f78b71f421365b9bdd1772abcec

  • SHA512

    23aaf0d86b982980ef17eae171ce6c06bdb667f70c0618caff736e9a38a9905b0a2223821ea14ac1cbd313195df1d0252db85a8f8785d1c0e6f4eea7d63e3c04

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWIX4i2y1q2rJp0:745vRVJKGtSA0VWIoRu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/5be363e0faf3e8ecc4bf54ba66ac8f40_JaffaCakes118
    /tmp/5be363e0faf3e8ecc4bf54ba66ac8f40_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2459

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    e1ea5753e0c89d29bd97b398172f70ae

    SHA1

    ad11b7e969b9caa3703ed61bf32e55d4be867329

    SHA256

    e606b0f51fdb29e75c029068a494f14ecafb0d66595327efa18aaafb91f9efaf

    SHA512

    39e9ba0eee8777bbce54d37e5be3fda2142d2127a6c63f55784b43ddf15d650684685de3c68d98f2354384adaf35b62c944ad4bce94e754626cf4aa827187079

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    cf05968255451bdefe3c5bc64d550517

    SHA1

    3413b8533e826b3f881a50cef818b60da3c23659

    SHA256

    a1e2bd5c65064ebba3b2e01115e719eb8c83551ca71a9bcaf3bfd2e746c783c0

    SHA512

    cef36924c7f2df28a4e0e4722ac172a211dd24b4d9e95e609fe3f6c2e46d4a6defe65544cd105f3f9fd2803b2e895f7ebc9b45c1744c79122f0159d28d5ad027

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    e376a2f07fe60b001f7d4a18ac243352

    SHA1

    b5cfec235415dd96028e14a020bfb43215d383d9

    SHA256

    6e1e72fd8f4984c2223fe1614de84879a03d8e021da81fc3d1abc4322d4490ea

    SHA512

    1f9fa06fc9fe52b5c3902e70cc214148a58ab09ce86fdc9e74ca2eeca4959c1fbc5be3bba3664439ac55321a444af419dba778581adc62e8e2b8c92aadbe40a8

    Download Submit