General

  • Target

    7bbf081d9632706d8e812b917830989b_JaffaCakes118

  • Size

    105KB

  • Sample

    240401-14hrmahb34

  • MD5

    7bbf081d9632706d8e812b917830989b

  • SHA1

    324faa88a407a30e245a01a7cb5869b4dfcbe023

  • SHA256

    36d09c9122b5c507c27a6ceda72b31f4cd75af9b45f0516eebf1c3d668a0909b

  • SHA512

    0494378c04c8f4c98d19a0fc1bd96c3b5915b6f90a80fd6c1e28e75e74bf88bc17a6d992d923c02acbb5f9c0c443255f75f9f0a89045f4c71a56ee699f143222

  • SSDEEP

    3072:MSY+46m1qOzssGFPnNdDmkZrQAhPDCXFke:06mgOzJGFPvmkZrQAhPDCXFke

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

107.172.201.217:606

Targets

    • Target

      7bbf081d9632706d8e812b917830989b_JaffaCakes118

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
