General

  • Target

    07b030d2d9514eb342732e24f096b066_JaffaCakes118

  • Size

    37KB

  • Sample

    240429-pv8e5sag54

  • MD5

    07b030d2d9514eb342732e24f096b066

  • SHA1

    ae675ffb75c89eac13848237240d724591211818

  • SHA256

    0ae4dfe43308ce7d6e68d877c74e74e63d03089d9a36a0f3b3501c97137345c1

  • SHA512

    2975a45f7f6ac8ed1b07bc3db0bbec763637225ffe8727b6da6fe2e7d73a9bffbaec6e2c1baee4301bbe4f289e74dd8491690845007f9485e9c1bfcf916ca145

  • SSDEEP

    384:HM1qiUt54NLHdaysz31avxdHsm2TsrAF+rMRTyN/0L+EcoinblneHQM3epzXRNCG:sHZdJsz31a7Hl2grM+rMRa8NuPPt

Score
10/10

Malware Config

Extracted

Family

njrat

Version

im523

Botnet

DIMONHACK

C2

dima715626.ddns.net:9291

Mutex

f5a2552a9a371bcdfe465098b6608089

Attributes
  • reg_key

    f5a2552a9a371bcdfe465098b6608089

  • splitter

    |'|'|
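
The extracted config above (C2 host:port, mutex, reg_key and the field splitter) is enough to build a small triage helper. The Python below is an added example, not part of this report and not njRAT's own code: it cuts a C2 stream into njRAT frames, splits each frame on the reported splitter, decodes the check-in, and turns the config into indicators to hunt for. The length-prefix framing, the layout of the check-in command, the Run-key path and the sample stream are assumptions made for the example, not facts stated by the report.

```python
from __future__ import annotations

import base64

# Configuration values as extracted in the report above.
NJRAT_CONFIG = {
    "family": "njrat",
    "version": "im523",
    "botnet": "DIMONHACK",
    "c2": "dima715626.ddns.net:9291",
    "mutex": "f5a2552a9a371bcdfe465098b6608089",
    "reg_key": "f5a2552a9a371bcdfe465098b6608089",
    "splitter": "|'|'|",
}


def parse_c2(c2: str) -> tuple[str, int]:
    """Split the 'host:port' C2 string into host and numeric port."""
    host, _, port = c2.rpartition(":")
    if not host or not port.isdigit():
        raise ValueError(f"malformed C2 string: {c2!r}")
    return host, int(port)


def split_frames(stream: bytes) -> list[bytes]:
    """Cut a TCP stream into njRAT frames.

    Assumption (standard njRAT framing, not stated in the report): each frame
    is '<decimal payload length>\\x00<payload>'. Truncated data raises instead
    of silently yielding a partial frame.
    """
    frames = []
    pos = 0
    while pos < len(stream):
        nul = stream.find(b"\x00", pos)
        if nul == -1:
            raise ValueError("truncated frame header")
        header = stream[pos:nul]
        if not header.isdigit():
            raise ValueError(f"non-numeric length prefix: {header!r}")
        start = nul + 1
        end = start + int(header)
        if end > len(stream):
            raise ValueError("truncated frame body")
        frames.append(stream[start:end])
        pos = end
    return frames


def parse_frame(frame: bytes, splitter: str) -> dict:
    """Split one frame on the configured splitter into command and arguments.

    Assumption: the first field is the command word and, for the 'll'
    check-in, the next field is the base64-encoded victim identifier.
    """
    fields = frame.decode("utf-8", errors="replace").split(splitter)
    parsed = {"command": fields[0], "args": fields[1:]}
    if parsed["command"] == "ll" and parsed["args"]:
        try:
            raw = base64.b64decode(parsed["args"][0])
            parsed["victim_id"] = raw.decode("utf-8", errors="replace")
        except ValueError:  # binascii.Error is a ValueError subclass
            parsed["victim_id"] = None
    return parsed


def hunt_indicators(config: dict) -> dict:
    """Turn the extracted config into host and network indicators.

    The Run-key path is an assumption about where njRAT writes its reg_key
    value; the report itself only says the sample drops a startup file.
    """
    host, port = parse_c2(config["c2"])
    return {
        "dns_query": host,
        "tcp_port": port,
        "mutex": config["mutex"],
        "run_value_name": config["reg_key"],
        "run_key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run",
    }


# Constructed sample stream (not captured traffic): a check-in frame whose
# victim id decodes to 'HacKed', followed by a one-byte keep-alive 'P'.
SAMPLE_STREAM = b"15\x00ll|'|'|SGFjS2Vk" + b"1\x00P"

if __name__ == "__main__":
    for frame in split_frames(SAMPLE_STREAM):
        print(parse_frame(frame, NJRAT_CONFIG["splitter"]))
    print(hunt_indicators(NJRAT_CONFIG))
```

Because the splitter is part of the extracted config rather than hard-coded, the same parser works on builds that change it; the length prefix is parsed strictly so a replayed or malformed stream fails loudly rather than producing a bogus frame.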

Targets

    • Target

      07b030d2d9514eb342732e24f096b066_JaffaCakes118

    Score
    8/10
    • Modifies Windows Firewall

    • Drops startup file

MITRE ATT&CK Enterprise v15
