Overview

overview

10

Static

static

10

8b74bde6d1...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    11-08-2024 18:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8b74bde6d1d4e77e80ec6ae82d4dbd7c_JaffaCakes118

  • Size

    1.2MB

  • MD5

    8b74bde6d1d4e77e80ec6ae82d4dbd7c

  • SHA1

    0a90ce500171e0e901fef3c32ed1c5a69567cba2

  • SHA256

    6de4444f10d409b293166aa1d9ae36dde104bf3c2a62edfb015ecc7e08adac89

  • SHA512

    8969d23a7330d3189034f21b48992985c2cd9ab881ad235ab8c7a4910a11d1124fd98c977b973e72992e6ea0951d779d527087dad1446fcf63705d7b44b3a6a7

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX4D2y1q2rJp0:745vRVJKGtSA0VWeoiu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/8b74bde6d1d4e77e80ec6ae82d4dbd7c_JaffaCakes118
    /tmp/8b74bde6d1d4e77e80ec6ae82d4dbd7c_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2315

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    0aef54102d333672d75329343c99fcd6

    SHA1

    e6bd079af7d63d3330fae8267c2cf987a4744cd6

    SHA256

    65c5bc0d5bb605d3a1dc4a6257b0a341df224e718188623135984966d922bd0e

    SHA512

    afb19fd3f7b10e14d557c35c5747d782614196c5088388e8b4ec894484b6f22e09705132e651e67f1ae7dfe95e772d6acdaac5ac3fd092b7ad773151d1ab817f

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    68d309812548887400e375eaa036d2f1

    SHA1

    4dc36912b7f591ac9325d87571088bcb7536d6dc

    SHA256

    2a3d4a80aa7481df2d65446bdc5b55a5eec9d940aa44b326882fceac780b24d0

    SHA512

    8bd9923f2da669edd019291ca371dcdfae105a63cb4df54cc0b09cedc365c1af2ef8bd78f0b54cdc9854654c0945eff69e64a3b5e974c33f298c4a26d5991053

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    cb5ace4d1c3f1577decf8150e68fe437

    SHA1

    2fc50f06f8e1ccc1a948b93bd5df4eb79a0efd94

    SHA256

    e8e17b0f72413d5fac3a679861d76a4a169849795f9d7952f0f02b57c1020e74

    SHA512

    e0d02fc183b32f413e59799e9a3f38a6ebcc5dcb35130b2c000474103f9aca31b8971482fdcb995797c24d073671538e245fdbe5d0072f83174ed3e6f22e6864

    Download Submit