Overview

overview

10

Static

static

10

b7765076af...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    22/08/2024, 11:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b7765076af036583fc81a50bd0b2a663_JaffaCakes118

  • Size

    1.1MB

  • MD5

    b7765076af036583fc81a50bd0b2a663

  • SHA1

    cc61e8fbf82f87aa3789b8bf90901b32441f4438

  • SHA256

    03d811064cf60bed84a855e3fc28758482993fcda5ee3d3205eeedae832c85d0

  • SHA512

    f4596cee4ca2b6f8e9542600f1b44c8af599b6941dcc60fb9c968007bbf3a10b46a6f20943163ff3694254d5d36e76fe860642ce7fbc5798d589a0b86b37c294

  • SSDEEP

    24576:4vRE7caCfKGPqVEDNLFxKsfa3I+gIGYuuCol7r:4vREKfPqVE5jKsfa3RHGVo7r

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 37 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/b7765076af036583fc81a50bd0b2a663_JaffaCakes118
    /tmp/b7765076af036583fc81a50bd0b2a663_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2477

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    43a758432c8d8ee398fe36708ea867fd

    SHA1

    3165dd06b640a50c7b36c531d286e6b02b66875a

    SHA256

    083627df322720fdc36542d1fc68b0f9a66b443ea887449d275989b8fbac00e8

    SHA512

    9606cf77d7d01f53d4f1b302a5a98e832f445aaf73c35ec4367c8ff778678dbc21cdec9c350d992e3d90fcf2ae7d93355ab902e62247dafe2e1a4e0451c2f422

    Download Submit

  • /tmp/gates.lock
    Filesize

    4B

    MD5

    53f0d7c537d99b3824f0f99d62ea2428

    SHA1

    fd036c77bc43059b0dfa9067039290b8f17440e5

    SHA256

    aabbb2bd43c0fb27462f139e0274faa6c3a5c6d600e1b2fc6d3c96c18503607e

    SHA512

    f934b9aec051382903f7bf391e6ea8d79771c4d95e804f47ee016b69985af5d651003595dda29c494ab592b0928dca406bdd56fc1352f5d471ab3b86f4dd9813

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    63ced229e8ffa2e9b227fdad61ae6600

    SHA1

    aeb8ff2ee22f32cc40aeaacc83abe28dd7f5f0e0

    SHA256

    168ac5ed3f8926935c2cc7d8a3dcae1a87e71c1775cb28024503c8ab2ec82fdb

    SHA512

    b60d3c8e4004937d9575ca5127581c74beb231191aec14254680f40942868fe3cf7ae3e01ee5d624db3cf801927261f0826ee4a027e5a56cc92ab786c9ee4442

    Download Submit