Overview

overview

10

Static

static

10

982d3aa274...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    14-08-2024 23:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    982d3aa274c6f9af9d324adc890c8a0b_JaffaCakes118

  • Size

    1.2MB

  • MD5

    982d3aa274c6f9af9d324adc890c8a0b

  • SHA1

    268609704d84400c7dd825ba45ce4bbd97c4e4a8

  • SHA256

    096cca36b5529d4c8b78834e0e0f5c1e5f814936a396db89718d3473855c7926

  • SHA512

    6f3c25862de1e2141dba3aac07ae42460d3e5c9abe20b55fcb157bf88e6ffcf0df645d32bc74653a42fa8c810a5d1d4e32117b23d4c17411479a6e63bb740c4d

  • SSDEEP

    24576:e845rUHu6gVJKG75oFpA0VW5X4G2y1q2rJp0:7451RVJKGtSA0VW5oVu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/982d3aa274c6f9af9d324adc890c8a0b_JaffaCakes118
    /tmp/982d3aa274c6f9af9d324adc890c8a0b_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2766

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    33dd9846d129ef4eba3058f3407f63c8

    SHA1

    1aab70e0ab20345248b08dbb5093febd5a124e5d

    SHA256

    c8c0510075909e812e101e075f55b6c93f34d50347cdfef5899038c15f945f77

    SHA512

    6489e16e13ba985b26dad02c94b9da1370d7c1fe8937d5544734158e45e01a97eee90f18a18603c787a33aa718ef61aab1617cd7c409e6e3bb93d0ab8ef57648

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    f499d34bd87b42948b3960b8f6b82e74

    SHA1

    f12ac755331f5f271983cd46bb015a2449cf797a

    SHA256

    a3d951e968e6ca5ee3af64eab235842c06af694b9943eea7fc81eacd738e7224

    SHA512

    32f541c05daa38953b4e58372baacc983047237d8cecf50f82a64eb6c3e1ada61ce34f96ccf91511b3916eb4ad9e75ec1691db3baf580d86fa14ded8cad31d23

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    2a71ff7af1930e19f4a9f530f41781b6

    SHA1

    24ba6ac70b3f3b32b798126db2083a5eb6b1c4b6

    SHA256

    a5fb8a96f0b02f7d418423bcbd60afe2d0256ed642984c1203cc29767ba77e7f

    SHA512

    ea0886acd507d0198098a250081faed2965316d6578f9433f7294eeb39d35a9bca7d1c03526fabe00fe5421f2b349524c1614d99dbb48dc9cdd870125f479944

    Download Submit