Overview

overview

10

Static

static

10

99af35eda1...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    15-08-2024 09:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    99af35eda136ece53053a4ac0ffb5931_JaffaCakes118

  • Size

    1.2MB

  • MD5

    99af35eda136ece53053a4ac0ffb5931

  • SHA1

    fea4b46f01ed73b0394dcd41293e45cf07f10920

  • SHA256

    403015ed09154f18aacc97292337940c42d72e6e2b2f80c6d8d8c3e9e542d1a2

  • SHA512

    7a321df39ce886a73e76b7bc92deb8b111b4bf26a9b96ab9b9f656d7c6d429c038594d6849205596f4c37a45c3a7f0dc0299203b9530528c4f0660b0b4ad8ccf

  • SSDEEP

    24576:e845rUHu6gVJKG75oFpA0VWIX4G2y1q2rJp0:7451RVJKGtSA0VWIoVu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/99af35eda136ece53053a4ac0ffb5931_JaffaCakes118
    /tmp/99af35eda136ece53053a4ac0ffb5931_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2791

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    7541947a587f7d650df84faa6cc5d88d

    SHA1

    643f99c8b739faa91b76c04ef8add81694eeba36

    SHA256

    348ebe2b7fbd8870515fdf52e9b3e0ea38fa9b497ac9699306dbfb37fc99adc2

    SHA512

    ada70375c05b04026b004424bc6741327178a612a165d54961ec4a74cdd46bd44c31908b568b35849d7939b82ff5e59bfbd68ec481b08fa86aaf35e4d6187e33

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    4ea6a546c19499318091a9df40a13181

    SHA1

    e36e019e5bb8895fd3c5ab4a2530b467bf564f11

    SHA256

    a3f0ac6f4436d7e6757a4e990486299f1a37db9a2de46df297fb2a24f2e9d5d8

    SHA512

    b393c3d30fc2b704b9f579b02fd602d50ee52944ed54059585d3b1de27f373e4b139a051f49bafc97470ec9f4041680c6075a7afa7e13ee611d0aaff7d1d2021

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    7d8f966d43993f0ff79bb2d46c3afc2d

    SHA1

    5cbeadf13d4c463b7d0e2aea97f671ea59359473

    SHA256

    c9c4c55a2626c40bcaa5e64f85189569765d4f20ba5742fa0dbdf4dd0541fee6

    SHA512

    2db1a41742041813fd55cb263a928bf197af2fc9e05fa306a7b8b560d037fefe4e4bf427c56639491b34442d2e9a6e6cefab375083c6cf42c60016966ef08443

    Download Submit