Overview

overview

10

Static

static

10

a538c26af9...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    18-08-2024 03:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a538c26af968f61af3479445e495a294_JaffaCakes118

  • Size

    1.2MB

  • MD5

    a538c26af968f61af3479445e495a294

  • SHA1

    f67535a87198ef8788620bf0a35131d9c6006a97

  • SHA256

    61bc77c9b7589a6987dae9bae6b194136f0bba1a1dad8fdc67de7038b572a493

  • SHA512

    ee8a860385bba87a9e7f8d3cf0c22ba3ad10a18d9513857bfa9f73b124994f65a0f477dd46f6ed3f585aa556d4c31209d970f4ccfa9a6f441a571a18f7dc32de

  • SSDEEP

    24576:e845rUHu6gVJKG75oFpA0VWPX4G2y1q2rJp0:7451RVJKGtSA0VWPoVu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/a538c26af968f61af3479445e495a294_JaffaCakes118
    /tmp/a538c26af968f61af3479445e495a294_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2493

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    80e70b93010abeab6d62d95beaf4d9fd

    SHA1

    d25d37ba9c197a72298ff20ca19d5b0f98a1909b

    SHA256

    a4442304cd59db06cb62c038d19e62dd6eff8513ca795ab80dce6f8552f240bc

    SHA512

    74455b34349d701b13bf24b3e283cb52cc0e9b2f35925bfae6bf8084bb1de691e34619998e3502cf63546e6f94db5ba0ca18d1d5a13936c1acf61ecf5cabb1e1

    Download Submit

  • /tmp/conf.n
    Filesize

    73B

    MD5

    a2eebf8d0fb8ed040061af568426ae63

    SHA1

    dec8344fc82ad81f60a960d6246561e35c74004a

    SHA256

    305976b23511fd04330ba8a5d7e1d49959d19f024fc73de227a6f2979f7182c3

    SHA512

    6b8401813ace85779034f47ca064a12daf44e4974c59dc269dac5a05ba1fd718f7350dae216eb5253eb83046b4f84bf10f935b0d74109b970f652df80dbb380f

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    33bb83720ba9d2b6da87114380314af5

    SHA1

    ce181f6d0b5b32926273312822c2a97fea6cefa4

    SHA256

    72e37da8a67d137ab41fe3a0ef269ad619192eb0d93a4a5421b1f0bf05093d86

    SHA512

    ce98d3c0f83ae8b19579fa69edb6977e8f1f91319f75b776fc8220d6e2e7dfc3a96186b9e833f7b99daac6d842aea19a668ca8fd0403823a9a860b83be6a77aa

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    6cc3873479e87fe399d58a17af4bdbc8

    SHA1

    3c296c7f08cd57382f1c23bc887452518bef5a0c

    SHA256

    44cee532f5f58c747c8246b12face31837897e6dc36d235cc7695da76db88987

    SHA512

    934ad336135cf13fc708840cc03ed95c707349c15e0c59a703edf725dbe950b58b4a1270eae06879e64491b24e34d419b7112a35d66cd101fbf4e07e93663b41

    Download Submit