General

  • Target

    1ffc268b1b537f7316b256d8596ba35d_JaffaCakes118

  • Size

    123KB

  • Sample

    240329-mtwnvaga22

  • MD5

    1ffc268b1b537f7316b256d8596ba35d

  • SHA1

    c9f3772db48b2728972956b91553987e5ca73b43

  • SHA256

    e050ce2554f657e9781a9da94a8da9f083bd84767a2c495279bafcb5807e61a2

  • SHA512

    3a46038b7de90ad88772a2a1fa411c6ddc02ef5a8f251eec007b0bce32dbfbdaf94a1c6f1c63873a69960d8c82781644312d0bcd7ac515486637e9acd3286e65

  • SSDEEP

    1536:/UHeTxCAms/Y8Zm3lKYA43gMJwSkJ8Epv+DzUh8rmW+IFB1Df11hR/:/UyLqAmgMJM8EB+Dw8rmW+IFB1Dt1hR/

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

50.115.174.119:606

Targets

    • Target

      1ffc268b1b537f7316b256d8596ba35d_JaffaCakes118

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
