General

  • Target

    8c5190cd997bf310db43cb4cad6b1879_JaffaCakes118

  • Size

    123KB

  • Sample

    240402-pfpz9ahf2t

  • MD5

    8c5190cd997bf310db43cb4cad6b1879

  • SHA1

    2813eeffbe24b7e0b823f2cbd461237109436015

  • SHA256

    5eed10631ad54d4031c885e1f230295e19a57f68c5523edf37ee5afd79cc2505

  • SHA512

    56a981fce4b92c633113af9eb2b29889f5edbc7ed79ce685d3f93961f150878a295c17c67dcdbfa3ffdf4f65c4b520b5cbe22a6c375b4906ff5e5c864390339a

  • SSDEEP

    1536:lLeT8O9A9LV12ejMQZYXvayQg5ao7d0r5h5ddddd9U9XyElwmeFfkq+QCyRnVgj:ljO99ejjt8aV5hNfElwmeRkq+QXnVgj

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

15.235.131.10:666

Targets

    • Target

      8c5190cd997bf310db43cb4cad6b1879_JaffaCakes118

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
