Overview

overview

10

Static

static

10

816bef662d...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240729-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240729-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    01-08-2024 17:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    816bef662dff8da24a8ab69ad7ba5796_JaffaCakes118

  • Size

    1.2MB

  • MD5

    816bef662dff8da24a8ab69ad7ba5796

  • SHA1

    153ca42b247bad0bff06231132944e721678412b

  • SHA256

    c90b1fb0c4050b8c17e0116133dab3e61622182137538a6d1e3921e93aafbd78

  • SHA512

    2f38310b028701bf7a770857d3fa7b5e4bf9cf393f36a63ee499167a3ec7951d8f873e7cf14a0837e4d3a2c6a0c33c9db8471ac8b66f95e361531aa8cbcfc8c9

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX4P2y1q2rJp0:745vRVJKGtSA0VWeouu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/816bef662dff8da24a8ab69ad7ba5796_JaffaCakes118
    /tmp/816bef662dff8da24a8ab69ad7ba5796_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2544

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    4585345c9d2747a289cf12343ae66f1d

    SHA1

    29283c07f4b914438063dc1b32cf3414c21b53b4

    SHA256

    6f56766170d58f58ef1586030a62e3e2fd25672c752e980d8d96e643052fd71e

    SHA512

    5ca02501712ca5fe6b13b3a735d899a4057a9b65723d251a8bfdb340a14cfc873a6cb254342c89338f66391dc5aeb54c4c4654aea4e8da273a152c4c9f49ea8c

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    92a0e7a415d64ebafcb16a8ca817cde4

    SHA1

    905a8f8b48955bdeb27a1b6ad626ffde782f624a

    SHA256

    1ea65ea38f2f574b3875ba895e4ff76b284b7725041612dfa0fdcc81d49e0f4f

    SHA512

    cfb433debbdd79a943c10f8c114591f25f9d7f22c89e27193f0c9b15e84e83f258c0446e89b27bb65cb674ef569c5f5f54221af0f45e3f7703801cbb28c52e10

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    e3b7ab82c798859d995ac396a11851d8

    SHA1

    fd3d82a89ae1cf70f5fa86414bc28a4dc2e5849d

    SHA256

    fe14e12d8db4e4bdd9a95f994a9d3ee3e791a7cd2ca50d8ea35a8e4973132463

    SHA512

    c2a48ecaaf9f84e8f0b826fcb2811ae08a123eb551ad9a446fe62828fe2749470c1578b0ac5a49286597cec3211d01384be3faa02dc74e631a6ca07ad18d1101

    Download Submit