838128b004b0a6fb943655bae105acc61b2d9370b705e2bdbec330bc514ed442

Resubmissions

06-12-2024 09:15

241206-k75gsswman 10

05-12-2024 10:40

241205-mqteba1jfy 10

Analysis

max time kernel
126s
max time network
152s
platform
ubuntu-24.04_amd64
resource
ubuntu2404-amd64-20240523-en
resource tags

arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
submitted
06-12-2024 09:15

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
Size

61KB
MD5

c74dc42bbe440932db0f1d72a2353a02
SHA1

9224e2a0b5e860d6ee3bf3c0658060308f7c2cee
SHA256

838128b004b0a6fb943655bae105acc61b2d9370b705e2bdbec330bc514ed442
SHA512

e4e20405439b592680ebc3f32489bb827f028f8e41c8d4ef40a616a5b452b20414cf94a48762b72a2978c3f224b41909f12241351639a86a3f1e15dc86557f70
SSDEEP

1536:rdZ2PuURL7ORsW38Iva/6pYPqexmtUffQfmX5hT:rdYuU0RD38ipnexl15h

Score

9^/10

discovery rootkit

Malware Config

Signatures

Contacts a large (107108) amount of remote hosts 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046
Creates a large amount of network flows 1 TTPs
This may indicate a network scan to discover remotely running services.
discovery

Network Service Discovery
T1046

Loads a kernel module 64 IoCs

Loads a Linux kernel module, potentially to achieve persistence

rootkit

pid	Process
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2830	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2830	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2830	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2830	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2830	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2830	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
2828	c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118

/tmp/c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
/tmp/c74dc42bbe440932db0f1d72a2353a02_JaffaCakes118
1⤵
- Loads a kernel module
PID:2825

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

T1046

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Resubmissions

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads