Overview

overview

10

Static

static

10

87a0ff4546...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    10-08-2024 20:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    87a0ff454622c5c3d3a2506134e1771d_JaffaCakes118

  • Size

    1.2MB

  • MD5

    87a0ff454622c5c3d3a2506134e1771d

  • SHA1

    d46762366ce8e1a702b6077c0c32d648fadea929

  • SHA256

    bfa080c361c8180c681d0ba3c9663e9e933352f4ec3396c486f2094def27a2c2

  • SHA512

    badba44b6b461cc0362c09557a0743f0a2684c385a6c83434382fca495e404e4d6dd77c75364c98b6c55dc4b204eafed66642cb7e5983b98558d299ce1b77964

  • SSDEEP

    24576:e845rlHu6gVJKG75oFpA0VWtX4G2y1q2rJp0:745wRVJKGtSA0VWtoVu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/87a0ff454622c5c3d3a2506134e1771d_JaffaCakes118
    /tmp/87a0ff454622c5c3d3a2506134e1771d_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2499

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    108ae1ca878daa3ed9213c70b1912a63

    SHA1

    454181ba108e0d9c4e10d6f005bdc28bda8f7729

    SHA256

    a0b4a5016eca7b07261808051f5e2f4328cb9291809fb1eee8c1398b4e8ace45

    SHA512

    9492e981edb8eb8e41084620079c85c1436422325024954d6ba8e37f205fae5ef0b107a99431f92ad012e7320777de1544d8a9cf5cb9dcdc346fccdf6ee6feaa

    Download Submit

  • /tmp/conf.n
    Filesize

    73B

    MD5

    3631fffe4d0a7428d3f74136d88ca1c6

    SHA1

    590d1934116e26a42612b4a928c788268c400977

    SHA256

    6329988783c49da4a5658546134b9ff507992790b990711a1e05e19528502b08

    SHA512

    1ca436d881d7db4b559693bae5ade12ebf76d265b1d26f56517ac71e8c79ee75c14c375cdae57b74dae830fe46af42a7d64d8ce4f6efbfaa7f6c60f55aab07d2

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    3f998e713a6e02287c374fd26835d87e

    SHA1

    8cbb39bab46dc683457663bdd1a470404334f529

    SHA256

    dafff407d7450f62b0dd0c413f9f0745d70071b8ba4d731d093804be0502184e

    SHA512

    30a2b8969c04c2104b3ca85cfa268a5bd1d6f7c152fab187356934f1ab545f19ff2f69fe0f5baf6d812caa625dde5506b49c94d507d59fb6c96cd3f3dc6cbc6f

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    4fc409fee42287d880714e69901255b2

    SHA1

    1596f2b5035fc8ab6e9f1a499b0edbdc659ee3c2

    SHA256

    797f68f26d21ab71bb3f77a07282d813069034c7d01862f9ef6400e3f4fd88e5

    SHA512

    00bcc9ea9637961e7cc32cd7565c9fa2ee8e9611267871e4c6485bd9acc6c6a208eb7cb8185d0fb061e1d2a2d64bc06460959887614527f1df18a80e7d1a9e07

    Download Submit