Overview

overview

10

Static

static

10

798e701f43...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    30-07-2024 18:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    798e701f432cd157befc956f7f506847_JaffaCakes118

  • Size

    1.2MB

  • MD5

    798e701f432cd157befc956f7f506847

  • SHA1

    49a5f60432f483bdf2f30e41137a160a47295b46

  • SHA256

    230d9f6de7d3491a5ae9cd3e1453e2f3b7b96226b018bccbb3d33f3e17f109be

  • SHA512

    958bc38049a1c2a0d3732380c7a0601a0c33f886b53a51f23df594c7fce69f18a2a1b119feff20e74e61b4a968e00427c443cd9456265b56e8cd0f2915852b52

  • SSDEEP

    24576:e845rlHu6gVJKG75oFpA0VWKX4G2y1q2rJp0:745wRVJKGtSA0VWKoVu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/798e701f432cd157befc956f7f506847_JaffaCakes118
    /tmp/798e701f432cd157befc956f7f506847_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2518

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    813ae58c08b3acb9418d7de83ab1d4b9

    SHA1

    d99808d0dae67c02d4f75dc8748b154de5b2b88d

    SHA256

    7728fbdf1dc56530b918d9e44c789219db4e1e6bb076022a1e7d8f91845b0211

    SHA512

    b5dc9b4e4a0adc352f27404d7062aada4a8f51ff730618dba4d3cfcb8487641644c2593f852db4ea88556ba4aa78a04d816c81cf07119e67da16f0c8afe28352

    Download Submit

  • /tmp/conf.n
    Filesize

    73B

    MD5

    cfb444b1490204ec0174a01a15e91593

    SHA1

    8029b1be1252e6df4064dd7fbca5e18cf54954a8

    SHA256

    75788d4c49196c48780b7504bbbb40238874d3dfa85a95626aff166a5eb32110

    SHA512

    9fcef324d71e05421812414219f3fb9b7be2cd8710a8f3ae214a26a740a82366f4820fec779f9ad44d740f3faa99b9b8eea37a5cead7e4ed5b9ea1dc3165fa54

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    070dbb6024b5ef93784428afc71f2146

    SHA1

    748619d6da8037a46952d1fed7c02872b83f2ddf

    SHA256

    4366b9ea549261637af29a7ca331c75ef21244839073b582ac203e25594b51d0

    SHA512

    5d2b84d2a111a888e1d93d138ac725632adf04c84dba38198138e04f753ba9199e725e2efa63364b2da77a405d5f9afbaf6c5f597a1ed0ec91ab1d98790c9ce7

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    a0dc15e957589b852c6bfb2de27a02a1

    SHA1

    2a50d6a06181817b7534a2adf037aafc9687ad1e

    SHA256

    8e79faa095e2dc4ac15024bfb984039d178a4cb54249c6c0779cd626b9eee538

    SHA512

    018f80642e966bed83c8773fbeb63f1a793aeb11807917d6be64b0505e664d4a8f0719611379fd78f03469e51542bf54bf1f60897efcb7ef31781a8ac1b0cf89

    Download Submit