General

  • Target

    85bb5cf732c4b1af891d16cb105af35a_JaffaCakes118

  • Size

    146KB

  • Sample

    240402-htqelsba63

  • MD5

    85bb5cf732c4b1af891d16cb105af35a

  • SHA1

    2dca05c4cb468f88bdbe373c3c84c0a810e74340

  • SHA256

    39e8e6808efbadc4d3dc8097bc0d48f8c8f4778886a8f0ff73b09e770ca50e47

  • SHA512

    9a772e6a7f18234155fa585f513c70e498b58fa422964b82be936040c9177a7f8e5246f8597a3b0f96c04d957579b46495382d7057c8b8d8202eb4255573290b

  • SSDEEP

    3072:Bn7aKpF4LSV9OdAKox7cennFEM/9OD4bxCkEFvmpwfvRQfZn:l7aKpF4eVZKotcenneM/9uvmpwfvafZn

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

45.148.120.80:839

Targets

    • Target

      85bb5cf732c4b1af891d16cb105af35a_JaffaCakes118

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
