Overview

overview

10

Static

static

10

f17b36cfdd...kes118

ubuntu-24.04-amd64

7

Resubmissions

02-01-2025 21:38

250102-1hhjqszkgl 10

15-12-2024 00:39

241215-az46ys1kbl 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f17b36cfddb5242cb530ee6f62fd72ad_JaffaCakes118

  • Size

    1.1MB

  • Sample

    250102-1hhjqszkgl

  • MD5

    f17b36cfddb5242cb530ee6f62fd72ad

  • SHA1

    1dad9668f72f681c865d058027d0eb474f920613

  • SHA256

    a81f677c5e70b1031e5faddd50ba3492e6d536ce672fa17c173f916b88e45d46

  • SHA512

    c0edc007a5030e95cc63467e5de00ba3152f3150dc9247850553fbf0542e2c6bf59543d6cca1e38dd8fdc490a2984d515a6d984e6d8833e64c90e07383d7fa16

  • SSDEEP

    24576:4vRE7caCfKGPqVEDNLFxKsfamI+gIGYuuCol7r:4vREKfPqVE5jKsfamRHGVo7r

Score
10/10
mrblackdefense_evasiondiscoverylinuxpersistencerootkit

Malware Config

Targets

    • Target

      f17b36cfddb5242cb530ee6f62fd72ad_JaffaCakes118

    • Size

      1.1MB

    • MD5

      f17b36cfddb5242cb530ee6f62fd72ad

    • SHA1

      1dad9668f72f681c865d058027d0eb474f920613

    • SHA256

      a81f677c5e70b1031e5faddd50ba3492e6d536ce672fa17c173f916b88e45d46

    • SHA512

      c0edc007a5030e95cc63467e5de00ba3152f3150dc9247850553fbf0542e2c6bf59543d6cca1e38dd8fdc490a2984d515a6d984e6d8833e64c90e07383d7fa16

    • SSDEEP

      24576:4vRE7caCfKGPqVEDNLFxKsfamI+gIGYuuCol7r:4vREKfPqVE5jKsfamRHGVo7r

    Score
    7/10
    defense_evasiondiscoverypersistencerootkit

    • File and Directory Permissions Modification

      Adversaries may modify file or directory permissions to evade defenses.

      defense_evasion

    • Executes dropped EXE

    • Loads a kernel module

      Loads a Linux kernel module, potentially to achieve persistence

      rootkit

    • Write file to user bin folder

      persistence

    • Writes file to system bin folder

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks