Overview

overview

10

Static

static

10

f71a34d018...kes118

ubuntu-24.04-amd64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f71a34d018f804dc607ce170b9869f89_JaffaCakes118

  • Size

    1.1MB

  • Sample

    240925-3vv2psvcnn

  • MD5

    f71a34d018f804dc607ce170b9869f89

  • SHA1

    006c8ddeb0667cdf4c4230003530ed4128286426

  • SHA256

    363b6bc50cb7412f6aac924a70e059ab1d1fe4515e3e2b8ec2ca533aa7ee134e

  • SHA512

    4b136235b1fb32eaa9f197ff7ea5eb3ec7b45d957e8290df8b230b67afb31fbee83cfb862a9294e7a3fcc22f33526fa553bc8c0f546bd29bd98043afd509b341

  • SSDEEP

    24576:4vRE7caCfKGPqVEDNLFxKsfaiI+gIGYuuCol7r:4vREKfPqVE5jKsfaiRHGVo7r

Score
10/10
mrblackdefense_evasiondiscoverylinuxpersistencerootkit

Malware Config

Targets

    • Target

      f71a34d018f804dc607ce170b9869f89_JaffaCakes118

    • Size

      1.1MB

    • MD5

      f71a34d018f804dc607ce170b9869f89

    • SHA1

      006c8ddeb0667cdf4c4230003530ed4128286426

    • SHA256

      363b6bc50cb7412f6aac924a70e059ab1d1fe4515e3e2b8ec2ca533aa7ee134e

    • SHA512

      4b136235b1fb32eaa9f197ff7ea5eb3ec7b45d957e8290df8b230b67afb31fbee83cfb862a9294e7a3fcc22f33526fa553bc8c0f546bd29bd98043afd509b341

    • SSDEEP

      24576:4vRE7caCfKGPqVEDNLFxKsfaiI+gIGYuuCol7r:4vREKfPqVE5jKsfaiRHGVo7r

    Score
    7/10
    defense_evasiondiscoverypersistencerootkit

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

      defense_evasion

    • Executes dropped EXE

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence

      rootkit

    • Write file to user bin folder

      persistence

    • Writes file to system bin folder

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks