Overview

overview

10

Static

static

10

c1fe854c35...kes118

ubuntu-24.04-amd64

7

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    26-08-2024 01:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c1fe854c355ba80568c73575069af223_JaffaCakes118

  • Size

    1.2MB

  • MD5

    c1fe854c355ba80568c73575069af223

  • SHA1

    062ad21f739532f1318d619c7fbc129d1cbd49f8

  • SHA256

    20411909131602f6df050c0c2d8cf86b4d70ccdd3c36edb743d9de800b4179c8

  • SHA512

    ce2340774e564614e5e8f84bde591172ca73f0d021db601d10bba70c341be0d9bbe0c14a4eeb0fda27b82275e3cbdbe225bd5dd32f9f4e7a1014410539f23c8d

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWIX4H2y1q2rJp0:745vRVJKGtSA0VWIoWu9p0

Score
7/10
rootkit

Malware Config

Signatures

  • Loads a kernel module 43 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

    rootkit

Processes

  • /tmp/c1fe854c355ba80568c73575069af223_JaffaCakes118
    /tmp/c1fe854c355ba80568c73575069af223_JaffaCakes118
    1⤵
    • Loads a kernel module
    PID:2577

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • /etc/init.d/DbSecuritySpt
    Filesize

    64B

    MD5

    8414c4ee3f29ed9c3e1ce23e7dd544b2

    SHA1

    6c268824551e872a74e0cb151c500542e21aef29

    SHA256

    4a885d41785fbd0f369a7c5b0a8ab0ce2ac3302224dd119adfafef2d5a7e85d0

    SHA512

    170104bd609ab2889dec2b5b33ef5d63d6ffdef5968539316df802998ff1e4400fd4844a0a8afba28d85b705a5a67cc40d41133b473c72620b50cbd3c79c4de3

    Download Submit

  • /tmp/conf.n
    Filesize

    73B

    MD5

    3ef7f6dd1d40d8d7eaa39d250e41ca50

    SHA1

    86570fe69bd2fb92c8db84ebb1937b5dbe332b69

    SHA256

    0d15116dd6e847d0ee09b76d73127ee4e4363b2f40ebed36bef587ee837189f7

    SHA512

    61a6910c797d516bfae07e81b86f6689f92aba75793ca9150661cb3c285710a25d62531e3e1430ea4116458dc89b11763ff5dbd2129eab4e437c8c8164c4769c

    Download Submit

  • /tmp/gates.lod
    Filesize

    4B

    MD5

    5b168fdba5ee5ea262cc2d4c0b457697

    SHA1

    448cec767d33019224995c4d0e05c451e445ed3d

    SHA256

    4235d033441def62c1ea71655385fe6f2b4acd0458059c4ed2fc495e5129326e

    SHA512

    d4feab0b11277184a45c9186666e30299c4f5b8884e65c840cafc8a631b64776110542339a0ee00a3470c5a32884f97270f919c577ef611e1326c4d0b0220e03

    Download Submit

  • /tmp/notify.file
    Filesize

    51B

    MD5

    d13613bd9308a01a91b16be7ada31e13

    SHA1

    43bdec7fdfed7c05e1a4701c77fbe9bea81b23c8

    SHA256

    601890e40af98d791f242079025421a2ecc423ea51496da59f026735075f9698

    SHA512

    81af88270a1e084ce42864c0211ab3d2cfbba4d366224fd9baac681274b4d7583a51797c9e86ff8030f9062e251f8c616252d0c13df7a7f896adecac4e7f2ab6

    Download Submit