Analysis
max time kernel: 149s
max time network: 149s
platform: ubuntu-24.04_amd64
resource: ubuntu2404-amd64-20240729-en
resource tags: arch:amd64, arch:i386, image:ubuntu2404-amd64-20240729-en, kernel:6.8.0-31-generic, locale:en-us, os:ubuntu-24.04-amd64, system
submitted: 18-09-2024 07:17
Behavioral task
behavioral1
Sample
e8976dcf12c0211ca9fe49ab5e50ba56_JaffaCakes118
Resource
ubuntu2404-amd64-20240729-en
ubuntu-24.04-amd64
2 signatures
150 seconds
General
Target: e8976dcf12c0211ca9fe49ab5e50ba56_JaffaCakes118
Size: 40KB
MD5: e8976dcf12c0211ca9fe49ab5e50ba56
SHA1: 8c4fc5526cdddacfac934169491c3e74f4931742
SHA256: 831b70d233ab1af37d86a404b3b34829fd8174b272254d414236f39567aba5bd
SHA512: 9ccb49263be0d90036aea62686f078e9b94d96d6ee89c4d1a0ded290984534104b3327f04b985c03f87c7ec45ce6c4bf98a44bd88c09b46bb50f5c43b1877237
SSDEEP: 768:36bs6TP3wjTd3Oep8eKPna927A3cCsShhN5aw7WvbDpKWhntJTuqZ:3as6TP3wjTd3Oep/KPnSzhrJsbDIWhnZ
Score
7/10
Malware Config
Signatures
Loads a kernel module 64 IoCs
Loads a Linux kernel module, potentially to achieve persistence
Writes file to tmp directory 2 IoCs
Malware often drops required files in the /tmp directory.
description | ioc | Process
File opened for modification | /tmp/<��� | e8976dcf12c0211ca9fe49ab5e50ba56_JaffaCakes118
File opened for modification | /tmp/a | e8976dcf12c0211ca9fe49ab5e50ba56_JaffaCakes118