Overview

overview

10

Static

static

10

b23039cf74...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    21-08-2024 05:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b23039cf746f22fbfa803ebdc71fe9b8_JaffaCakes118

  • Size

    1.2MB

  • MD5

    b23039cf746f22fbfa803ebdc71fe9b8

  • SHA1

    fb0a550318795891835c97da6584faadba04c199

  • SHA256

    d1341189add30797b4cd192d286e8fa0296cf3a0127889e40dd8ee139f18ae6c

  • SHA512

    af819f7a5afcf2333c7f2f6b92e893f2e53c489e853af29d167c92af1b3774165f092e1e60787fd1263fbf4db003d58bdd096c95b8fc18a4b11388891853165e

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWIX4n2y1q2rJp0:745vRVJKGtSA0VWIo2u9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/b23039cf746f22fbfa803ebdc71fe9b8_JaffaCakes118
    /tmp/b23039cf746f22fbfa803ebdc71fe9b8_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2867

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    cab2224013c80558cb6d3b9cbce6a028

    SHA1

    dec1116e5e48271e62ffb36c2b943a91512cc3f8

    SHA256

    0b9c451bfe10b5ae5f8b3810cc964003369deb9b274d10e9e40f722452c3c5b5

    SHA512

    550a0e3db5601902710bf158b161f9baa544483b4e0544fc4d3280f935856f02e362291d399dd5ab17e60b931207b85b76784dfa6b9093af4921313c39188b2c

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    7e0a0209b929d097bd3e8ef30567a5c1

    SHA1

    a16ace76c38ecf64e43c45cfb2f9fc5c29cde1e7

    SHA256

    7f59051d004a7ac406880e4122e7cd0dd7995ef0ae9be2c9f7ddc6683b7f0357

    SHA512

    061208bbc95174aaeaf7d607c0f89d15a1f87f97040768c0518d33f1f3945b7677502662f5ae3a3f4e933ef9f2f8f099b24cd83af800afb27926fb28c8063fa9

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    45e8324892d8f24810384a10bb040310

    SHA1

    0eb64d704901fb50828b3bacef599a4812919886

    SHA256

    50b0a642c834932fba8d81c917db76cc01489b79920d47a4cf1715a10342d208

    SHA512

    10db24eeda3e21082979c694e8da06275d19b7fa7caf6cf53821431d64d50dbb71f0872de6fb94de5b0ea43781af9f99b22d0d47ca51cf3f58b9f1814f71de3e

    Download Submit