General

  • Target

    79f6f39301a153911c45acfae6e971ec_JaffaCakes118

  • Size

    178KB

  • Sample

    240401-zg4j5sfd69

  • MD5

    79f6f39301a153911c45acfae6e971ec

  • SHA1

    2939659173eddbea86ba0e0ecaac1576c75120e1

  • SHA256

    f58169a2d747183e73eb586d60b018f189509fac6a3347b1898d6b398419e983

  • SHA512

    a7044ffd483544197e3a4d799f7c573c7af7600f621883e1e3e934461aa0b1cff4c9846796eec101a62f93388878e19e2a1fa72c9b06aedbc3430a19f4ccaf9a

  • SSDEEP

    3072:BASa55PFf/M3UdhnYPOLCadzM73cYsMz1/jYCPkyAtwo7+hGcI1cY:iSaXl94OdzfMzJjYCPkrwc4GcIO

Score
10/10

Targets

    • AsyncRat

      AsyncRAT is a tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2
