General

  • Target

    ca635ade9c58ac45f54483f4e6a30b82_JaffaCakes118

  • Size

    361KB

  • Sample

    240405-en91aabg2w

  • MD5

    ca635ade9c58ac45f54483f4e6a30b82

  • SHA1

    a91938fadba06e347903f6a4abe1af30a21f2d07

  • SHA256

    2c839c357b85bc65e982067f854d9ba66914b2177f3301e61320ae9c521278c6

  • SHA512

    38ba94f0e9f9b5196b2c2fcda5bd185b7c1e83450e4eb85d1b74e549d9ffdc9deecf89696e66ba9ad4c693ee5fc2622ae3e4225634cada5878bbaa7f6e0f8041

  • SSDEEP

    6144:BRZwtnqX24LAxOoWi/vTGMIYsAOdrp7IgibcDDtihjIr:2tnab8GMIYsL3kSr

Score
10/10

Malware Config

Targets

    • AsyncRat

      AsyncRAT is a tool written in C# that is designed to remotely monitor and control other computers.

    • Detect ZGRat V1

    • ZGRat

      ZGRat is a remote access trojan written in C#.

    • Async RAT payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

MITRE ATT&CK Enterprise v15

Tasks