Overview

overview

10

Static

static

10

988ccc2009...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    15-08-2024 02:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    988ccc200938e8035a706eab1d29f7ad_JaffaCakes118

  • Size

    1.2MB

  • MD5

    988ccc200938e8035a706eab1d29f7ad

  • SHA1

    d3a7acf9c7154c3034b96961cf2851407841ee0a

  • SHA256

    76ea831aa66b74325c07e30ebf573279ba0a65a0da4915e7ca99a7d2efcc0891

  • SHA512

    8170cf21d9489de577a206e1e7703edf8f7001c8631a5b8fc597b3d5aa503bab533bb0578358f55244726500ebcc818a8d7d0015a6706741439f27e198771e81

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWIX4I2y1q2rJp0:745vRVJKGtSA0VWIoPu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/988ccc200938e8035a706eab1d29f7ad_JaffaCakes118
    /tmp/988ccc200938e8035a706eab1d29f7ad_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2527

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    5c7d8c32b33ce20a70cc15900afd3921

    SHA1

    9e5600f6671d361ee098e86a993acb798599ffda

    SHA256

    71dfdd6f002d5f7c511e02a6e2a76668551ded052690e5de9008d5b32736684e

    SHA512

    f6f51ccb58ca32e36dcb9e8da1c89afdc49e9a345439c4dc65b41f93c97b87424ffcc1bafd646c26f0a62b333c96f3523a1a20801647b2f8d0cf253776bc52de

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    82ca5dd156cc926b2992f73c2896f761

    SHA1

    6fc0bc9f74e7099cf98adc6deec1521527eaa278

    SHA256

    ed5667b58b1a81344b92381e198ec4a36d5ce86688561d30219c02c066159a61

    SHA512

    e8c5a75d70a25cffca0a43ee05a0873c1f0d70ed28185d7dc19c0c4e4199be0e19a76e56633f5b31dc4f779cbb8a076d0c62bf51da446c5de46dd5ee9717a4f8

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    acc1a302edf3c10b77d00b8750bebda2

    SHA1

    f00c0e9863daf3e05a5081dac9a121f0f6d48212

    SHA256

    f4a573f3e814ef3ee957dcb88cc33facc9d45fb2115995948951ec1d81919952

    SHA512

    e7416534445c86272655b02998c2bfa878ea02c51648a8dcc069ccb42184b68fd167328fa4ed0ea86f548307aa5ca5455710c3b03f923e7a70158f75fd3f0aa5

    Download Submit