General

  • Target

    1db2e5adb60d4078e8fe38f6f1c73e84_JaffaCakes118

  • Size

    118KB

  • Sample

    240329-kqm67aeb99

  • MD5

    1db2e5adb60d4078e8fe38f6f1c73e84

  • SHA1

    318c179d948524a291304909ed390107c6e99b00

  • SHA256

    f1c09f545ad85301a2aed5762c4de2d7a4a64f9ed799bf8d1d7a87edd1d56618

  • SHA512

    cf903d1d502ffb38baa2236d7825acf37daad9ec417bc8bbea859ee8873761818a90650be565f72cd01d963af0a670d26c5562af318b3506e5f5c1024fd3404d

  • SSDEEP

    3072:ekYPUfsgnsb0J2ag/VfzkDN0dn+mTQOY5NX3cn:9YPUfsgEo2a0zkDy+mTQOY5R3cn

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

45.148.120.171:666

Targets

    • Target

      1db2e5adb60d4078e8fe38f6f1c73e84_JaffaCakes118


    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
