Overview

overview

10

Static

static

10

afb29464ef...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    20-08-2024 15:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    afb29464ef7a73f9e7b4bd0aec71e18a_JaffaCakes118

  • Size

    1.1MB

  • MD5

    afb29464ef7a73f9e7b4bd0aec71e18a

  • SHA1

    3c316e7d849790832b90f5dff7325951d1a3676d

  • SHA256

    ae7364589eabd4d1efd8aa0659be2fa0746fb02fe4a15170bf494f71eb841564

  • SHA512

    8c9fcfefafd2fc05a8db40516459b9a7d456d11ca6f5f6476fa4da36138bad67a9f6973334722d4f35767411e7171e2ad551e8b2ceacd7808547c4b08e464be5

  • SSDEEP

    24576:4vRE7caCfKGPqVEDNLFxKsfaZI+gIGYuuCol7r:4vREKfPqVE5jKsfaZRHGVo7r

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 37 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/afb29464ef7a73f9e7b4bd0aec71e18a_JaffaCakes118
    /tmp/afb29464ef7a73f9e7b4bd0aec71e18a_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2816

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    974946e21930974b32d7a171e12ff370

    SHA1

    57ed42c46c333e63411b7f536496a0c4d472a50e

    SHA256

    50d7b41424cd0c2a0dea3e7d9b100e67cdfebb2fd8673007dc8e9b849d2e64a3

    SHA512

    03ab175911183215a451193115c851f44dbcf67caff0f89c3a844c3311d99c6faec22f5c9dd737c99b0d305288187e4557498928c8ced0bd272c2d16e2c331f9

    Download Submit

  • /tmp/conf.n
    Filesize

    69B

    MD5

    126987cb361a9542f8d4d44f114191b9

    SHA1

    a505021fbf7dbc086fda404cfcf51d0e8a335610

    SHA256

    efac4bbc1c8674c2d3e1f076f19890a24fa2fe275791672916965b97305a9860

    SHA512

    ec29ad70cca9a340cba0471acd8c7032b898620972e067ca35b89c8859ff91a16f2f914903dc7319b751bc77e469f94fce056581f479b7dca3081038e76f4f09

    Download Submit

  • /tmp/gates.lock
    Filesize

    4B

    MD5

    182e6c2d3d78eef40e5dac7da77a748f

    SHA1

    732217de58820ef4dc0353a910df674a58084629

    SHA256

    8202c37e994f4722947e63d7fa9193fc924fe0d3ea11f7fba2fbf11ef6bab963

    SHA512

    41ba067dc4b4e6d42cbc75fc321780e604ce6aa9ccdfe6fdd57f79948e3a8587c7baae09a0daa9c593970709c1ed191c31dbfac5d9d23c4b2b227d6ea1299e62

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    bc3ac3f761c51f8aaec9c81c54ffdc59

    SHA1

    87e959135ebe13985ef82224b6f69bb3bbf6708a

    SHA256

    e852652aa39b7e2688fbfc49c685a6ab87b0df351560dac4ababe46de22fec06

    SHA512

    103cf051008dc8e4c12497ce017eca1bbd0b27baa5e077300633f9f2d2334598a5638cf6c35bfb26c24103f63b1b0a20f23c6422a2bdfdb77535ec0aed999866

    Download Submit