General

  • Target

    3de5c8646ca40fe7337662abc72d9f72_JaffaCakes118

  • Size

    156KB

  • Sample

    240330-rr5k7aha78

  • MD5

    3de5c8646ca40fe7337662abc72d9f72

  • SHA1

    52b46b834965a2a6cc364d0388f7ac4bd1dfff2d

  • SHA256

    f415cd5bcd6de599e52fd3e914ec02c46c9b9e1e10a92bb68af5e4fe07e40af0

  • SHA512

    eef027142bf873b12fd57f244ba8883c323117466f78beddde3c4a2b4f55faca30ffb0a68ba911d3c2cab2e2a0ddcd7968211a170580d19ada167d391b8b943c

  • SSDEEP

    3072:T1g2/eINNlzx2kkQCMOaQcvBOYnyLRM/9q3tmFwfBxKQodn:hg2hNNlzIkk/MOa/oYnydM/9MmFwfBxE

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

64.227.188.134:606

Targets

    • Target

      3de5c8646ca40fe7337662abc72d9f72_JaffaCakes118

    • Size

      156KB

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
