Overview

overview

10

Static

static

10

e1f3f59b74...kes118

ubuntu-24.04-amd64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e1f3f59b74b2c888f1deed1475d7fa73_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240915-hzbhmssarn

  • MD5

    e1f3f59b74b2c888f1deed1475d7fa73

  • SHA1

    4e4158ac9ee8e3cb997f75d5eddbb30243623906

  • SHA256

    009714340e1b9cd089d6801bca92ebd507dfe37c80ba72d607e32f212de3e6a0

  • SHA512

    527c91fe8cf5ef3cdbba3711266aead92ab3ddd9fca311b38c5f6cc13d8a6d1b01a23d5db13ead315aeb5485d22692ff869f4fc77b0e25323d300e36ba6b7179

  • SSDEEP

    24576:e845rGHu6gVJKG75oFpA0VWIX4m2y1q2rJp0:745vRVJKGtSA0VWIo1u9p0

Score
10/10
mrblackdefense_evasiondiscoverylinuxpersistencerootkit

Malware Config

Targets

    • Target

      e1f3f59b74b2c888f1deed1475d7fa73_JaffaCakes118

    • Size

      1.2MB

    • MD5

      e1f3f59b74b2c888f1deed1475d7fa73

    • SHA1

      4e4158ac9ee8e3cb997f75d5eddbb30243623906

    • SHA256

      009714340e1b9cd089d6801bca92ebd507dfe37c80ba72d607e32f212de3e6a0

    • SHA512

      527c91fe8cf5ef3cdbba3711266aead92ab3ddd9fca311b38c5f6cc13d8a6d1b01a23d5db13ead315aeb5485d22692ff869f4fc77b0e25323d300e36ba6b7179

    • SSDEEP

      24576:e845rGHu6gVJKG75oFpA0VWIX4m2y1q2rJp0:745vRVJKGtSA0VWIo1u9p0

    Score
    7/10
    defense_evasiondiscoverypersistencerootkit

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

      defense_evasion

    • Executes dropped EXE

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence

      rootkit

    • Write file to user bin folder

      persistence

    • Writes file to system bin folder

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks