Overview

overview

10

Static

static

10

808b03864a...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    01-08-2024 12:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    808b03864a94c894969f1d8e5c18ab48_JaffaCakes118

  • Size

    1.1MB

  • MD5

    808b03864a94c894969f1d8e5c18ab48

  • SHA1

    dd5cfe8429ae5778ce3442036672727dd5c1554c

  • SHA256

    c5dbc2f720a1524f0b19f94ea59e160bea44f17f2f1bca4c03bd0ebecd2854b1

  • SHA512

    f67d04919ea10ded10a73180beed91a139aae9da8c744031124675e309448af26737a5e933c4ae1156b329baba5f152918f33d866bd3ae06407d4d633deab322

  • SSDEEP

    24576:4vRE7caCfKGPqVEDNLFxKsfaKI+gIGYuuCol7r:4vREKfPqVE5jKsfaKRHGVo7r

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 37 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/808b03864a94c894969f1d8e5c18ab48_JaffaCakes118
    /tmp/808b03864a94c894969f1d8e5c18ab48_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2477

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/QsystemsshMmt
    Filesize

    64B

    MD5

    37106b974f8e9ad6478f1b131b8957cc

    SHA1

    e08cf235f5442975eeda836c672a70af9aa3ad23

    SHA256

    498b1ff213c4be9440cc9df49f14ecb1e01b4805249186eb29baddff1d3995c2

    SHA512

    6f29094de0df27c1952563641d8a22363a6f59c45da5ad655d7cc15f98a3fbeec67d513e4ad3ad7f6dcc3fbc9a03f6b5cd8403877b63557969bc9f26cd8e3dfc

    Download Submit

  • /tmp/Dest.cfg
    Filesize

    4B

    MD5

    53f0d7c537d99b3824f0f99d62ea2428

    SHA1

    fd036c77bc43059b0dfa9067039290b8f17440e5

    SHA256

    aabbb2bd43c0fb27462f139e0274faa6c3a5c6d600e1b2fc6d3c96c18503607e

    SHA512

    f934b9aec051382903f7bf391e6ea8d79771c4d95e804f47ee016b69985af5d651003595dda29c494ab592b0928dca406bdd56fc1352f5d471ab3b86f4dd9813

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    b6e5ae7c19b10b16baa67824d624109e

    SHA1

    ba53a356e75bf20292577ef8ba0bc1b6a95a7282

    SHA256

    6b2ad03c68c522577a6a0fa3a835c7b505b1ada08463179a8ab7326ae397743b

    SHA512

    1dce1514098d9dad60bfbaf4076b984719ab15ebfde66fefb54e31cea6abe84d650ed84572d03e71a27b7888aeb12fe21588dfcbfb1bfe327fe1e68d702c8d3a

    Download Submit