Overview

overview

10

Static

static

10

a2995f68bb...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    149s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    17-08-2024 12:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a2995f68bba0918865b05d5012ff0d0d_JaffaCakes118

  • Size

    1.2MB

  • MD5

    a2995f68bba0918865b05d5012ff0d0d

  • SHA1

    22c45fed9dea067d49c54fc116517afb23585fea

  • SHA256

    1ad27d98160348d7781b80f5a7f528d82f037d5dddc8fda238d254bfefd02401

  • SHA512

    448006334757fcabd890bd403fa3bec4168c388f0e3d38fa82ed7fb6605b7b08feb034a34ab0196b5ecfbd7e03699f2815e4d59b42e022db5adc05121d125d9a

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWIX4v2y1q2rJp0:745vRVJKGtSA0VWIoOu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/a2995f68bba0918865b05d5012ff0d0d_JaffaCakes118
    /tmp/a2995f68bba0918865b05d5012ff0d0d_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2534

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    db75a27e28c0c1ed7b559818dc8a0729

    SHA1

    fd77beb36dbe84e0be200d5f377e6acc86f6926e

    SHA256

    b2419cf4849c6004b35ed866bfe62c859cb02d11816447708b767dbd83977fc8

    SHA512

    7dd344f69b54447f238a373afd4ad454ddfbf6684a8690f86134d7790415c7cffb871c94ce3fb86a87c38777b7f286b825a75b901f027668f0327c776feed619

    Download Submit

  • /tmp/conf.n
    Filesize

    73B

    MD5

    176d7ab583017bcca036ecf14eb217cd

    SHA1

    5967e46a23755150cbf4eb9111a8d7789e50988e

    SHA256

    5de7089d6e2ad47418986e45772bff6104099f0636f1e4a36e364e9a7f710dc4

    SHA512

    8a6357e9949b683b2a79f2b801fe5836843b17c4e17b61921c745ef7fb60a586fe9d2aa6aeac64e400e12d589b2972460e4f45627dd9ddc94778a7cbafc17a18

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    f7ac67a9aa8d255282de7d11391e1b69

    SHA1

    40b3c4d64de2be7dc65e8772aac42d8509cda4b7

    SHA256

    e1b9005b2bd9380bf2ad43494b6a0c3de7db20532a7297fde352214e9610e4b7

    SHA512

    09ed6875116a0852b410396c2102fd0ac3412ed3cbac49901604efb86acfedd5c12fb787d9cba6c9dea7f054c54e1f67db9d219af26641de7a159f83c549e0ff

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    f5c99f4e0c48fbfbf397c61f1caf24b0

    SHA1

    7ecef206e3a8c78666dade098c9f78bc64be674b

    SHA256

    796a6b50a0da8bd5335c179c4fc850f4fea067ca6ba0d61f81997fa7a352fe96

    SHA512

    e96f1db236ea6273ae31d2a89bca020eb4473bca722af3c9232e261e1d056bc428c528294cee60a9876860e34e7d97fc393fd3eba5bd54e46ad427a167953303

    Download Submit