General

  • Target

    2619632872a7acd190bc2a02faedcce1_JaffaCakes118

  • Size

    118KB

  • Sample

    240329-ta886abh2y

  • MD5

    2619632872a7acd190bc2a02faedcce1

  • SHA1

    b259c40ff9f016baca07df420e50ada3a7c64f8c

  • SHA256

    e2c94cfbf6e7e6f86ae46ed68809626d81f3e87846ab23de82706a0c088097e5

  • SHA512

    26fed6c632b41122dee3069334b039a304848822c4c68a808e0c2e62940c1bb1010fdad033e6d5229e55dc993eb0d73cbb6160e82d97f311dbd95064959484af

  • SSDEEP

    3072:kOdZ5l8YKgfhCsBiHetJ8add9QzTsQvzUYgt4mKcXeGcgqqi:nl8eEYiHetJ8addQXQt4mKcXdcgqqi

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

45.95.169.115:6574

Targets

    • Target

      2619632872a7acd190bc2a02faedcce1_JaffaCakes118

    Score
    7/10
    • Changes its process name

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
