General

  • Target

    4a2f7c3b0085b61ec3a724bd67fb68e2_JaffaCakes118

  • Size

    83KB

  • Sample

    240331-cekb6acc85

  • MD5

    4a2f7c3b0085b61ec3a724bd67fb68e2

  • SHA1

    2e9d74ebcd6e29fdcf67e5195d02e9dc16c2c667

  • SHA256

    1d3a617e4f266bbd4cbd04b21b7b6a304a1d10cb04a010b2dd4e25d28a601643

  • SHA512

    1ccdcb6d3c5edbbdec2d6a930f81c123816455b517dd414b5ab00e3abd66864b88660b988087c2c492e614185095650c1dbbc2febad5f56017eadbfafc31c289

  • SSDEEP

    1536:W35b9Vc4N3J6lreu5r4hWj8LIWDloRmF+wVOz+sXcfW7k:Ab9Vc4JJ6liuq0YM2oRmEwVOz+ucfW7k

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

138.124.186.54:606

Targets

    • Target

      4a2f7c3b0085b61ec3a724bd67fb68e2_JaffaCakes118

    • Size

      83KB

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
