Overview

overview

10

Static

static

10

a9c95cbf64...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    148s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240729-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240729-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    19-08-2024 05:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a9c95cbf64552c07a2278f29b249135b_JaffaCakes118

  • Size

    1.1MB

  • MD5

    a9c95cbf64552c07a2278f29b249135b

  • SHA1

    6960164d2652ed3d6006dccdae8ff0e1eefa041a

  • SHA256

    26f389b1b3f68324e328925fa4538fd4843014ed609fdff4bee80f72c845654f

  • SHA512

    b4144490ad0f092d12977395192cb0155f0187b146bac8a51e51a465ddacd940346abb58c38524ddf9134cdaa781b4d17ec2217b4a71057d558cc8e5ecf16844

  • SSDEEP

    24576:4vRE7caCfKGPqVEDNLFxKsfaSI+gIGYuuCol7r:4vREKfPqVE5jKsfaSRHGVo7r

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 37 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/a9c95cbf64552c07a2278f29b249135b_JaffaCakes118
    /tmp/a9c95cbf64552c07a2278f29b249135b_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2497

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    e69e7ea8244fe754f7b3fa752413622e

    SHA1

    bdee88d114529d6fa99fd13b8b9a59a09f64a035

    SHA256

    a07d9815a808dc91a31644d5005e04d59c0db24e59c8d7434c5e1e02cfb9db8a

    SHA512

    1c5aba7090fd8097e6ed546a3a28ab9e895f6452319552b8aa26c4d0060facec7d98543c1021867a9272c67141d02e816a6dd9b3ec7bb1d259fab07c9361a642

    Download Submit

  • /tmp/conf.n
    Filesize

    69B

    MD5

    520ae35dd73824ca407c8d8224ce7032

    SHA1

    b47d0c7ac69b3336a88fbc7e6234b8785fd05b5d

    SHA256

    9bbf7a5c27414f1c3693aa2d7c39ba71ca9c0cd16ec25b84a9bb868863a8366d

    SHA512

    11e8fd3da2c321a583afa62ddd84f3b12ebd22e81786a3ce05f010a0b21a5c30d3ffcb2cbc3f36b5f448b3cc0ef8aacf91349982c70d09c61851631d68deb744

    Download Submit

  • /tmp/gates.lock
    Filesize

    4B

    MD5

    9af76329c78e28c977ab1bcd1c3fe9b8

    SHA1

    b99dfad9dfce6db8291c587455dec8f5ab378920

    SHA256

    0b8c4c7c81ac3255024f978a24c4c63bb034cc40ed2fe51dec83cb28c8785a87

    SHA512

    668d2295ecadcda8fcc02a365e4581723081509faa870d4f5d8fdb6af85519d477b0c8529212449f9f4d2d880c57d205b85753f42f6e5e25295b9ec473a9a953

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    98be593b2fb57c3820853d700eeb95b5

    SHA1

    477104223c97df27cc0dba28a0b1ddfce44fa52a

    SHA256

    4a67abfb120ef59a69bac0aa24e6c3c89826e2f6f09b5c07d9e6cfb0273a19cf

    SHA512

    28e0ebbd66c9d9092a1f85b73164e1384e86326b31be6926ef301e52f2fe6cf0fe60017c96eed7f59105fe78f409c00f3b501131aacad5165742fa122a13cc61

    Download Submit