General

  • Target

    81ef0f367a7d889e893e758c5ee12490_JaffaCakes118

  • Size

    173KB

  • Sample

    240402-dl6dmseg91

  • MD5

    81ef0f367a7d889e893e758c5ee12490

  • SHA1

    c17cd8dc71f04db0f23a891c9cd17fc2317f3ba0

  • SHA256

    84a3d149b8cc7ac936938d846b402f397fe5b802e7a569fba3bfbb757b6822a7

  • SHA512

    1d885cd9ebc895e280a2adc5ce3cc330559b814984b9f23b0d1d536b01ec846c35df94d6a893a252e592b5030c3d6b4849736300b4eef732dc5141953d1b6ef0

  • SSDEEP

    3072:z85P8Oq1P78nfL8LdRkjbiyui4PWO9LaK8XJuj7PvStrVcY:zMEPus+myurPWyGX4nnS4

Score
10/10

Targets

    • Target

      81ef0f367a7d889e893e758c5ee12490_JaffaCakes118

    • AsyncRat

      AsyncRAT, written in C#, is designed to remotely monitor and control other computers.

    • Async RAT payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Legitimate hosting services abused for malware hosting/C2
