Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

79810df180...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    30/07/2024, 18:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    79810df180543917e25132442f4d53a0_JaffaCakes118

  • Size

    1.1MB

  • MD5

    79810df180543917e25132442f4d53a0

  • SHA1

    aa39200714cbbce9a98c8f903c6db1191aba13d8

  • SHA256

    b1318ac0536fc54cc9f83782dac871bd936eae3e6b08349620e8b6ff5948cf6c

  • SHA512

    ab63ea2d489d2d9ec521a115d9632df7d305846f39a8a8b76a52e63e7f9c31d3edbf748bf5b88cbd43cb305504e917eb2ebfbe33cd590b27408311b8d707976e

  • SSDEEP

    24576:4vRE7caCfKGPqVEDNLFxKsfaAI+gIGYuuCol7r:4vREKfPqVE5jKsfaARHGVo7r

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 37 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/79810df180543917e25132442f4d53a0_JaffaCakes118
    /tmp/79810df180543917e25132442f4d53a0_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2468

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    1b53f9ba89a3b8819ad5d0987b35b387

    SHA1

    d2021323ee1a73b67c480e399154fb415114732e

    SHA256

    c6d506874148580541b8de544df79d733a8c426196dd65554c00085c601a38bd

    SHA512

    d780fb8b0c315683c0b24268617ddff7780b4b3e93b4b8e89bac14d5e896ac3cfb25e166a8a962c0f7285b01f34db5a5532bd2a22277fa7c6838ba2c29c19f55

    Download Submit

  • /tmp/gates.lock
    Filesize

    4B

    MD5

    57bafb2c2dfeefba931bb03a835b1fa9

    SHA1

    46b97e6934ff6cda7bf3475ae9287ca1602723a8

    SHA256

    79059b443ce844d9e9fd0f26e064e6ccf02d9481285936b908449be0d74c93f1

    SHA512

    031b219b8803ad40ee24d571ebba49238f12c1be93364c2c98eb890e021f7636a9391e32c8305e2dc868fb8249b814ec42ab3c6c80e7d791dd2656d4baf1c08b

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    29c033641ed8ed7122bedbc83af23a33

    SHA1

    aed95dbd5f311c151aceddcadd4191722f40355a

    SHA256

    6112bd094e7607920a38e5c91a257b34053c5e24bc8d797f12f7db24a65b39c6

    SHA512

    efa6f783af9d2d2ff2c234dcdcf2e22a7e93e164256cab87fc188283a0d0f4f6e2d923019824802ad8f304a9865d2ef95d3213dababc06dc952896d352d34b0d

    Download Submit