General

  • Target

    7a81138f9aae81976b08c25fab7b7c7b_JaffaCakes118

  • Size

    174KB

  • Sample

    240401-zyhzrsfh65

  • MD5

    7a81138f9aae81976b08c25fab7b7c7b

  • SHA1

    7ca7a02d2dabdf40e400837a0bb98eb6ee6702ff

  • SHA256

    9ef046141a423bfca7ad83b326e20fd33335b04f8c597859788de767ec8371b4

  • SHA512

    45836287b770620c3e0ce171d3688989f6c44081f19d5ca5842565b7ed76ec958508ca1e9f07768042e05bb3ebd725b9bfc2cdd39ae85463f5c674c03c405f0e

  • SSDEEP

    3072:iQqMQOzjl3AEuVdC1XetJ8add9QzhsxVY1IOO2JukdfDDKq5wIi+LUk:dqf452vC1XetJ8addQsVY1VdfDDKq5w0

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

206.189.181.143:6666

Targets

    • Target

      7a81138f9aae81976b08c25fab7b7c7b_JaffaCakes118

    • Size

      174KB

    • MD5

      7a81138f9aae81976b08c25fab7b7c7b

    • SHA1

      7ca7a02d2dabdf40e400837a0bb98eb6ee6702ff

    • SHA256

      9ef046141a423bfca7ad83b326e20fd33335b04f8c597859788de767ec8371b4

    • SHA512

      45836287b770620c3e0ce171d3688989f6c44081f19d5ca5842565b7ed76ec958508ca1e9f07768042e05bb3ebd725b9bfc2cdd39ae85463f5c674c03c405f0e

    • SSDEEP

      3072:iQqMQOzjl3AEuVdC1XetJ8add9QzhsxVY1IOO2JukdfDDKq5wIi+LUk:dqf452vC1XetJ8addQsVY1VdfDDKq5w0

    Score
    7/10
    • Changes its process name

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

MITRE ATT&CK Enterprise v15

Tasks