mrblack | 2d4129a21494cbb8bb2846b39266bf4e15accd20aca97ecaff664a363ddd50bc | Triage

Submit
Reports

Overview

overview

Static

static

f197672395...kes118

ubuntu-24.04-amd64

7

Sharing

General

Target

f197672395432b1cca10bb2324f8bbb0_JaffaCakes118
Size

1.1MB
Sample

240922-jqp54syflk
MD5

f197672395432b1cca10bb2324f8bbb0
SHA1

14244002684fea5883200559d825dc4f6bc09072
SHA256

2d4129a21494cbb8bb2846b39266bf4e15accd20aca97ecaff664a363ddd50bc
SHA512

5ab9b5769c0c9b3527bd1bd931cb25ce378823a57760240c7d70a454a0aab1fc3d8ac7094d0603623cc3f9c27e5659825060b2adaa7885039b94f7a198e947c5
SSDEEP

24576:4vRE7caCfKGPqVEDNLFxKsfanI+gIGYuuCol7r:4vREKfPqVE5jKsfanRHGVo7r

Score

10^/10

mrblack defense_evasion discovery linux persistence rootkit

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

f197672395432b1cca10bb2324f8bbb0_JaffaCakes118

Resource

ubuntu2404-amd64-20240523-en

defense_evasion discovery persistence rootkit

ubuntu-24.04-amd64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  f197672395432b1cca10bb2324f8bbb0_JaffaCakes118
- Size
  
  1.1MB
- MD5
  
  f197672395432b1cca10bb2324f8bbb0
- SHA1
  
  14244002684fea5883200559d825dc4f6bc09072
- SHA256
  
  2d4129a21494cbb8bb2846b39266bf4e15accd20aca97ecaff664a363ddd50bc
- SHA512
  
  5ab9b5769c0c9b3527bd1bd931cb25ce378823a57760240c7d70a454a0aab1fc3d8ac7094d0603623cc3f9c27e5659825060b2adaa7885039b94f7a198e947c5
- SSDEEP
  
  24576:4vRE7caCfKGPqVEDNLFxKsfanI+gIGYuuCol7r:4vREKfPqVE5jKsfanRHGVo7r
Score

7^/10

defense_evasion discovery persistence rootkit
- File and Directory Permissions Modification
  Adversaries may modify file or directory permissions to evade defenses.
  defense_evasion
- Executes dropped EXE
- Loads a kernel module
  Loads a Linux kernel module, potentially to achieve persistence
  rootkit
- Write file to user bin folder
  persistence
- Writes file to system bin folder
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

Linux and Mac File and Directory Permissions Modification

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscoverypersistencerootkit

© 2018-2024

Terms | Privacy