mrblack | 4df9bbf754dec327eae069fdbc525041f5ec7ad1bfd7e2488a8501cac9e67129 | Triage

Submit
Reports

Overview

overview

Static

static

e1b8a13735...kes118

ubuntu-24.04-amd64

7

Sharing

General

Target

e1b8a137359d28ce3a2c74cfbf5d8084_JaffaCakes118
Size

1.1MB
Sample

240915-fa3jqawfkl
MD5

e1b8a137359d28ce3a2c74cfbf5d8084
SHA1

43a403a2b708a14f0badecf79ba8cc68a22a6f3e
SHA256

4df9bbf754dec327eae069fdbc525041f5ec7ad1bfd7e2488a8501cac9e67129
SHA512

d872e4135f0afdf8019a1b81691839e0496c5caf93ff5dc1e051fd99622da718619929e2665c5e3ceb4fe837f0e603423e4fc3119ec5428eb401745b4f08c919
SSDEEP

24576:4vRE7caCfKGPqVEDNLFxKsfaMI+gIGYuuCol7r:4vREKfPqVE5jKsfaMRHGVo7r

Score

10^/10

mrblack defense_evasion discovery linux persistence rootkit

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

e1b8a137359d28ce3a2c74cfbf5d8084_JaffaCakes118

Resource

ubuntu2404-amd64-20240729-en

defense_evasion discovery persistence rootkit

ubuntu-24.04-amd64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  e1b8a137359d28ce3a2c74cfbf5d8084_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  e1b8a137359d28ce3a2c74cfbf5d8084
- SHA1
  
  43a403a2b708a14f0badecf79ba8cc68a22a6f3e
- SHA256
  
  4df9bbf754dec327eae069fdbc525041f5ec7ad1bfd7e2488a8501cac9e67129
- SHA512
  
  d872e4135f0afdf8019a1b81691839e0496c5caf93ff5dc1e051fd99622da718619929e2665c5e3ceb4fe837f0e603423e4fc3119ec5428eb401745b4f08c919
- SSDEEP
  
  24576:4vRE7caCfKGPqVEDNLFxKsfaMI+gIGYuuCol7r:4vREKfPqVE5jKsfaMRHGVo7r
Score

7^/10

defense_evasion discovery persistence rootkit
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Executes dropped EXE
- Loads a kernel module
  Loads a Linux kernel module, potentially to achieve persistence
  rootkit
- Write file to user bin folder
  persistence
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistencerootkit

© 2018-2024

Terms | Privacy