General

  • Target

    822f679ccf698fd894bcc5c8d711fda0_JaffaCakes118

  • Size

    156KB

  • Sample

    240402-dtnhssfe88

  • MD5

    822f679ccf698fd894bcc5c8d711fda0

  • SHA1

    52b31bf31da710124d2e43145eeea565674c9cc3

  • SHA256

    de193aae9ea6d7b04083a175945d52d56b9a4ad25da834cb3a6ecb604749a59e

  • SHA512

    af3d067c73203f5a396cc46587d05333ff72ab2fc53c5fabe7a7925336dcb184b8ba259dc2cec8eb440f48191d2eac0f7a2b7ba928af7b5da689df368784c1b8

  • SSDEEP

    3072:T1g2/eINNlzx2kkQCMOaQcvBFYnyLRM/9zXwmFwfBxKQodn:hg2hNNlzIkk/MOa/TYnydM/9cmFwfBxE

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

107.172.201.217:606

Targets

    • Target

      822f679ccf698fd894bcc5c8d711fda0_JaffaCakes118

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
