mrblack | d99e6c724f55505ed5a478a36e0a0ad18fadf94fb6215c78bf171d5da5553e25 | Triage

Submit
Reports

Overview

overview

Static

static

d52c6cadd4...kes118

ubuntu-24.04-amd64

7

Sharing

General

Target

d52c6cadd4254a34c34095df93b2c195_JaffaCakes118
Size

1.2MB
Sample

240908-12nj4azfqd
MD5

d52c6cadd4254a34c34095df93b2c195
SHA1

4cba9953158f62bd2b12e06952ac81e3c3f1852e
SHA256

d99e6c724f55505ed5a478a36e0a0ad18fadf94fb6215c78bf171d5da5553e25
SHA512

0bf33847f71f5056af2de942431572e5f2c7ba81a3d4979e7865784ecc291aca6ca5439871a10dcfd5cec0165eae63fddaa0e38d70b72a42983046ad43af8a67
SSDEEP

24576:e845rGHu6gVJKG75oFpA0VWeX4k2y1q2rJp0:745vRVJKGtSA0VWeoru9p0

Score

10^/10

mrblack defense_evasion discovery linux persistence rootkit

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

d52c6cadd4254a34c34095df93b2c195_JaffaCakes118

Resource

ubuntu2404-amd64-20240523-en

defense_evasion discovery persistence rootkit

ubuntu-24.04-amd64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  d52c6cadd4254a34c34095df93b2c195_JaffaCakes118
- Size
  
  1.2MB
- MD5
  
  d52c6cadd4254a34c34095df93b2c195
- SHA1
  
  4cba9953158f62bd2b12e06952ac81e3c3f1852e
- SHA256
  
  d99e6c724f55505ed5a478a36e0a0ad18fadf94fb6215c78bf171d5da5553e25
- SHA512
  
  0bf33847f71f5056af2de942431572e5f2c7ba81a3d4979e7865784ecc291aca6ca5439871a10dcfd5cec0165eae63fddaa0e38d70b72a42983046ad43af8a67
- SSDEEP
  
  24576:e845rGHu6gVJKG75oFpA0VWeX4k2y1q2rJp0:745vRVJKGtSA0VWeoru9p0
Score

7^/10

defense_evasion discovery persistence rootkit
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Executes dropped EXE
- Loads a kernel module
  Loads a Linux kernel module, potentially to achieve persistence
  rootkit
- Write file to user bin folder
  persistence
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistencerootkit

© 2018-2024

Terms | Privacy