Overview

overview

10

Static

static

10

9b50d04728...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    15-08-2024 19:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9b50d04728fffd580d51445c6b1ae07b_JaffaCakes118

  • Size

    1.2MB

  • MD5

    9b50d04728fffd580d51445c6b1ae07b

  • SHA1

    79d0c56a20f6ea231f193420246be868cb918f72

  • SHA256

    f465f331d988d1fed24039e09356517b89e603a70cbc992fe2313d0e11a1bdda

  • SHA512

    d9b9dc29f6ff4d120030c0bae0983f358b296cbbc3efaf989f47965358cbcee1ad36e5189e4b8e55b9769bbc3262679cd2aa7424904aa7b9b7e2ad5f9eb606bb

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX4d2y1q2rJp0:745vRVJKGtSA0VWeo0u9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/9b50d04728fffd580d51445c6b1ae07b_JaffaCakes118
    /tmp/9b50d04728fffd580d51445c6b1ae07b_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2527

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    9d30b09fb726211a965b08693bdf47b8

    SHA1

    19b58a350a98b2e2be84fd54eb8d311d2c12afdb

    SHA256

    5b68865321644010c44d09c077f9976773b6d3080df85c427610f252d3f643cc

    SHA512

    9f1485c6fb14134ef3fed217dd7a6652a3a142770ad6421a12408c37cc3535a33c02b15d023add49acb2c0600389a19ba3c85e05493ce17fe9d0a42c0fff7b1a

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    82ca5dd156cc926b2992f73c2896f761

    SHA1

    6fc0bc9f74e7099cf98adc6deec1521527eaa278

    SHA256

    ed5667b58b1a81344b92381e198ec4a36d5ce86688561d30219c02c066159a61

    SHA512

    e8c5a75d70a25cffca0a43ee05a0873c1f0d70ed28185d7dc19c0c4e4199be0e19a76e56633f5b31dc4f779cbb8a076d0c62bf51da446c5de46dd5ee9717a4f8

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    e1b9f9cac57ff16a7b17d445036bde01

    SHA1

    1140672ee256a18423af7e7a629454b54681740f

    SHA256

    f04711afd1cc22a8b1513310b3bdde0f4deac9e48883ba00240362860efcae6c

    SHA512

    41fb0bdeb90fb52799ed55612c039f6d6f3a2e064da60e95f5ab82be16b7e921b40d5697baacac9ac82a161c6ed46c89da5882b42fcfc7c5f81fb1131e640bef

    Download Submit