mrblack | 9b2a132a1b8109f3b68f63c95cc3bf499f246e2db435a58f3c294c570f62f38b | Triage

Submit
Reports

Overview

overview

Static

static

d25035c6ed...kes118

ubuntu-24.04-amd64

7

Sharing

General

Target

d25035c6ed07605dc33f3c35ed590d6b_JaffaCakes118
Size

1.2MB
Sample

240907-tgvpca1hqn
MD5

d25035c6ed07605dc33f3c35ed590d6b
SHA1

7626d77ae4d3ba50fcf9982bbf2e2123765af664
SHA256

9b2a132a1b8109f3b68f63c95cc3bf499f246e2db435a58f3c294c570f62f38b
SHA512

6ced92d77f63bbe5e66aa14e7ee6aa65363a98acd06854795dd2ede142d2900646ffabfb75fe882a2f77a1a87d9e0f68b9a1010bb63e0dabe6d2e23f7681f89a
SSDEEP

24576:e845rGHu6gVJKG75oFpA0VWIX4t2y1q2rJp0:745vRVJKGtSA0VWIoku9p0

Score

10^/10

mrblack defense_evasion discovery linux persistence rootkit

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

d25035c6ed07605dc33f3c35ed590d6b_JaffaCakes118

Resource

ubuntu2404-amd64-20240523-en

defense_evasion discovery persistence rootkit

ubuntu-24.04-amd64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  d25035c6ed07605dc33f3c35ed590d6b_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  d25035c6ed07605dc33f3c35ed590d6b
- SHA1
  
  7626d77ae4d3ba50fcf9982bbf2e2123765af664
- SHA256
  
  9b2a132a1b8109f3b68f63c95cc3bf499f246e2db435a58f3c294c570f62f38b
- SHA512
  
  6ced92d77f63bbe5e66aa14e7ee6aa65363a98acd06854795dd2ede142d2900646ffabfb75fe882a2f77a1a87d9e0f68b9a1010bb63e0dabe6d2e23f7681f89a
- SSDEEP
  
  24576:e845rGHu6gVJKG75oFpA0VWIX4t2y1q2rJp0:745vRVJKGtSA0VWIoku9p0
Score

7^/10

defense_evasion discovery persistence rootkit
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Executes dropped EXE
- Loads a kernel module
  Loads a Linux kernel module, potentially to achieve persistence
  rootkit
- Write file to user bin folder
  persistence
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistencerootkit

© 2018-2024

Terms | Privacy