Overview

overview

10

Static

static

10

b94e63d380...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    151s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    22-08-2024 22:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b94e63d38073df0009e727039a512ad3_JaffaCakes118

  • Size

    1.1MB

  • MD5

    b94e63d38073df0009e727039a512ad3

  • SHA1

    b1f7ab983c723f2f22aeb6e1923fe49f62e82976

  • SHA256

    9b4d9bb64442c3ef9196ea67640c862515e92f6b258c90b12ddc80b8eb36e2dd

  • SHA512

    aae94a6ea746e3f4c7b3e655b829e45c11f45131b306ff9542b00b47289d00c79e8ca8da2f7490d9dbc2d6f143ac9790ef1fcf5d26a4bec1087d729fc758cd0b

  • SSDEEP

    24576:4vRE7caCfKGPqVEDNLFxKsfaMI+gIGYuuCol7r:4vREKfPqVE5jKsfaMRHGVo7r

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 37 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/b94e63d38073df0009e727039a512ad3_JaffaCakes118
    /tmp/b94e63d38073df0009e727039a512ad3_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2527

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/VsystemsshMmt
    Filesize

    64B

    MD5

    35c880049ba7e593a080abe24e077de0

    SHA1

    b4d98d706dde336eca4f0ae6efde9d33f3d08234

    SHA256

    24784fc08fa3d007d59c98c1ed000a7fa47bda2a3a553fee563c92bf1c73b44c

    SHA512

    29d8bdc58b16f765d255fe60be3e249b3a585fd51a446e792ae726384221337e55b20a7dc7431b77126e9038bfa1d6511586d0dbcc5d1f4de4bacbad5ef85ca5

    Download Submit

  • /tmp/Dest.cfg
    Filesize

    4B

    MD5

    6be93f7a96fed60c477d30ae1de032fd

    SHA1

    e7089f577734cbbc5501d018befde55d0884b9fa

    SHA256

    57d24fbc37a0596d5dbad9f86accacf04ab8e2875a084cb2202244c421d1c65f

    SHA512

    c198e0e4735d5f63ea04ea0ec9ca4d2630274a64f127b9bbe6c78f9bb08efd68c9a782b6726ffd70429e81d735852d823e0c570fac11ea10e5cd5d532be06a95

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    1821881a800ba38f87c95b359246812d

    SHA1

    a4d55d118f4b32af87badfda7376c66ed7af44bb

    SHA256

    8a4451aee6bc2a110f17d9b5e588799ebda960ae2fe8bbadfb9f725a699fd464

    SHA512

    c11edbdf05aa78a7f057c3f571e299488a439cdc64c9cd657648b882a73fd0ba618614eab03e6fa0861ac51b338617292edd96fe6b6429fe2efddeef81bd7210

    Download Submit