Overview

overview

10

Static

static

10

9e60735384...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240729-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240729-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    16-08-2024 12:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9e6073538468326e01478e143aa3e5c3_JaffaCakes118

  • Size

    1.2MB

  • MD5

    9e6073538468326e01478e143aa3e5c3

  • SHA1

    638a558964c747c4e68b8bca4f878bd7a7b8b41f

  • SHA256

    36db27cff73704108f0c39daf433f6afd2c1e8bbb21cb187e764c7c004d74c9d

  • SHA512

    01861158e6e138f4f50650e7a0660f94f2642a1b49d888509f3ef1ae0d44e9e0edf3559417b58b6b54b08ac40a419e021a5dc1c6cb7ae573fad47be02f6fd642

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWeX4T2y1q2rJp0:745vRVJKGtSA0VWeoSu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/9e6073538468326e01478e143aa3e5c3_JaffaCakes118
    /tmp/9e6073538468326e01478e143aa3e5c3_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2499

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    4a1eed6c9f4c4a1b8b7db3490e4e37d3

    SHA1

    620ab2e7465232f2dba05dbf5e97e4b4a85a9206

    SHA256

    22cbeb47a7516edfd6b69e9687ac42791e8cc930a31a4bac547ad1d2b9dbf808

    SHA512

    4a1a384a249f3f724e336fd3e18142a498af6280150671c350327bcc2436101a62525f99f33e3b2f8d6541cb59c9a874861cb7bba389f3ee3fcf19303e1b2245

    Download Submit

  • /tmp/conf.n
    Filesize

    73B

    MD5

    7be7faf1d08471bde1c9f6115e163e7e

    SHA1

    66c23e203bd0930a4e7dd235b06a5083ed599033

    SHA256

    d6f34b5696692976ad9e459d62eba6bf0bec3f83d30cdf74c95167f114d80fa5

    SHA512

    b2730cb631c2b14b35e845b0f9b6c38a7800a7acf76d71621282241855c06e23362bda7075d3fcd506ac23432c96c34800522ada9e2484dd9a0579cf8b8461d3

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    3f998e713a6e02287c374fd26835d87e

    SHA1

    8cbb39bab46dc683457663bdd1a470404334f529

    SHA256

    dafff407d7450f62b0dd0c413f9f0745d70071b8ba4d731d093804be0502184e

    SHA512

    30a2b8969c04c2104b3ca85cfa268a5bd1d6f7c152fab187356934f1ab545f19ff2f69fe0f5baf6d812caa625dde5506b49c94d507d59fb6c96cd3f3dc6cbc6f

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    b5bd432a1ce4a7268fb7845796517be2

    SHA1

    839e18b11628d36a7935294e4eab06dc5deaab6f

    SHA256

    112b9e697bde9e3e4fec12f5180a06397a83642a85b12c2889207d9480719479

    SHA512

    de68b1466586eb03dd3f48fd4c0aaaeed6d2ac3160a0d32d672da413590eefd36306af86fb2a40e0a9bc67688e06702547b6fb70060dee4185b848fb98695fca

    Download Submit