Overview

overview

10

Static

static

10

f7eb81fc66...kes118

ubuntu-24.04-amd64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f7eb81fc660ece0137653be2632629e8_JaffaCakes118

  • Size

    1.5MB

  • Sample

    240926-jvf31ayfke

  • MD5

    f7eb81fc660ece0137653be2632629e8

  • SHA1

    6b56ee419cab7d24e9550c33f227898562d2bb6e

  • SHA256

    f880e1f9b1db9847990670a0207f69a95cae7f257b684cfcd7a919b2feb38032

  • SHA512

    0bcb85342f189f6e1c4d4ecacb44c59629f95993bb3645d490f3a9ceb65a922bea051598a790543735a7470080f9f43a0b8ac72a434775a067183761e14cade8

  • SSDEEP

    49152:27ilOolLbt1laIunbZsehkvS55555555555555555555555555555555555k55w1:CeOolLbt1laIunlsehvNtYi7COEm

Score
10/10
mrblackdefense_evasiondiscoverylinuxpersistencerootkit

Malware Config

Targets

    • Target

      f7eb81fc660ece0137653be2632629e8_JaffaCakes118

    • Size

      1.5MB

    • MD5

      f7eb81fc660ece0137653be2632629e8

    • SHA1

      6b56ee419cab7d24e9550c33f227898562d2bb6e

    • SHA256

      f880e1f9b1db9847990670a0207f69a95cae7f257b684cfcd7a919b2feb38032

    • SHA512

      0bcb85342f189f6e1c4d4ecacb44c59629f95993bb3645d490f3a9ceb65a922bea051598a790543735a7470080f9f43a0b8ac72a434775a067183761e14cade8

    • SSDEEP

      49152:27ilOolLbt1laIunbZsehkvS55555555555555555555555555555555555k55w1:CeOolLbt1laIunlsehvNtYi7COEm

    Score
    7/10
    defense_evasiondiscoverypersistencerootkit

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

      defense_evasion

    • Executes dropped EXE

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence

      rootkit

    • Write file to user bin folder

      persistence

    • Writes file to system bin folder

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks