General

  • Target

    7a01cfa6154cba34ff833b797d152065_JaffaCakes118

  • Size

    173KB

  • Sample

    240401-zja1lsfd95

  • MD5

    7a01cfa6154cba34ff833b797d152065

  • SHA1

    10f184ac8d4832b82e20767d67b2c8e00802d271

  • SHA256

    755fb0df132dcc7daa780417e16140d05763ff20d133de81cf087512e3c07416

  • SHA512

    3aa80f178974a388b441064632c0a8f7bc4125fffa048ade701fa7ba0c3712a88432e7eaac8bbe6e699e0c1495a63e3ce1c2a136b56f884828f2ba26ab8e484b

  • SSDEEP

    3072:SIdkX5jRRiimnn3PETXDdKVBBkGN48eEkY7zEt793e87icY:jLb38TXBcBRNf4Zte83

Score
10/10

Malware Config

Targets

    • Target

      7a01cfa6154cba34ff833b797d152065_JaffaCakes118

    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2

MITRE ATT&CK Enterprise v15

Tasks