Overview

overview

10

Static

static

10

b23d3b6b4a...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    21-08-2024 05:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b23d3b6b4a158552fea2cf3fa44fc964_JaffaCakes118

  • Size

    1.2MB

  • MD5

    b23d3b6b4a158552fea2cf3fa44fc964

  • SHA1

    0e5319e8eb7eac61727e9e9f264882794fe3d926

  • SHA256

    b5ff803aa6d6ee1ae3c0ba1e635ad6961a3d420f05d52575df8f9e5a0a972a31

  • SHA512

    d7a1d48e1800afedee2bc4762c4201cc9382397feef89be03bfd4115bf1b3c3b0c252de952671b469b759ce18f08c73fc10d761a89fda6f9e3a99cb50306c03f

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWIX4R2y1q2rJp0:745vRVJKGtSA0VWIoIu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/b23d3b6b4a158552fea2cf3fa44fc964_JaffaCakes118
    /tmp/b23d3b6b4a158552fea2cf3fa44fc964_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2476

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    0f50a7b3b3923aadac20e1b493fac7de

    SHA1

    e6cef46fb65137e4b3e291d20ae7801de1813a0f

    SHA256

    2b3a9284886dc46be166f325a2acb4cd210d446897f71ba181b7f31b04605c56

    SHA512

    1f8a2b6042548a5c7bc1348dfb4b7c50f11ac3aec6aef88fb9bad14e9d36ac663a61cc1eda1c6be3ea72b314ab90fb5c335004d31cc2032134925d940378d885

    Download Submit

  • /tmp/conf.n
    Filesize

    73B

    MD5

    50e6e98ae3553e9fa64577ae49d93521

    SHA1

    30b5c55c7acb66115fd4ca04139553dec07628e9

    SHA256

    1e0e5711a0ba87dad72db523c7cd9523ef0afe60d5d4f78373636bc8fe3ec143

    SHA512

    38b17d6475eddfb64951261c7312a5183448381032f40fa9ef7e0eae3c398d9227da406456b825925d66801a6b403bcb0b8e5ed9091662c706910c84a1e44c69

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    1f34004ebcb05f9acda6016d5cc52d5e

    SHA1

    8702e64001542c19676730d4ffb224133f687aa5

    SHA256

    cc0f20917ee075671c8e77c3123759f52300c666d7f490f066dfbe7222a9bfe4

    SHA512

    f1b0e4b85060e3621e9e91e8b24ab3e468b66d6118e1b5a221eb64524873426a5bdb8db96ded959601daac182f9935fa145d796b8b65465d5c0331bd7de43498

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    b0df1d45466530f9b82cea6e69cc5903

    SHA1

    4da013fb109470b3986749d7822f6cbb87116a31

    SHA256

    35ec4ebe790fad136dba18724c636861629dd55baf4189ba2f2451954126e3f2

    SHA512

    03ce31e1db5e1e29e3237afe28417da319350afa83aec5a8fadaf91bd74e50b8f97486b6cb15a1a39421aebff28166cc68b6e09c9373ac1b7a3aafac1360326d

    Download Submit