General

  • Target

    06cd85dd1d8b4ac380b6121de069ef87_JaffaCakes118

  • Size

    3.9MB

  • Sample

    240429-eyjwvaad4y

  • MD5

    06cd85dd1d8b4ac380b6121de069ef87

  • SHA1

    5044b5313925a123d0e1e9115464f3e968d5e900

  • SHA256

    ee94dab8f780d5f87bdfc4d5ecac1746a16a695f2bfb07c4eb75da46fe0c6bca

  • SHA512

    da8d2603a1e492e0af9f88b7c58b08f62252fa33bd34daa5227d2a4961cddfd9ee4ceeb28cd34ef89a59ee411e13b92f23238f804571ea57c07fa011aa507cff

  • SSDEEP

    98304:WmBLLppdvJidROcELaIKiGAFotV35t0kc7NELnI8uxc:HBLLppdcDxViGftV35tEsI8o

Malware Config

Extracted

Family

stealthworker

Version

2.26

C2

http://hardyqeeens.com:8081

Targets

    • Target

      06cd85dd1d8b4ac380b6121de069ef87_JaffaCakes118

    • StealthWorker

      StealthWorker is golang-based brute force malware.

    • Drops startup file

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.
