General

  • Target: 768d2bef26975c7c15767944a71259d4_JaffaCakes118
  • Size: 188KB
  • Sample: 240526-x2mq1sgh8x
  • MD5: 768d2bef26975c7c15767944a71259d4
  • SHA1: 38d4f37014982484377ae2cea3e0bddf0a770667
  • SHA256: b03c0d9a936644e05ec1abb6463bca88cf6300d31c60138037bd951af676db6d
  • SHA512: 976a8d0495ed74ed1417fa2af3201455fd3912bd76dd3c5ec41a5fe680428ee20abab174bb6ddfe075593a9798fd2fe4754a8c0e26739284388a3fd65f31dcf0
  • SSDEEP: 3072:Wjyvr5Ps+g8SYkQy6aOEV2/uxq1WolGLmt01hji3mF7zS1rCkFSXQVDLU6:OyvrJbtEVm4qvlPgAmFnEFyQVDw6

Malware Config

Extracted

  • Family: gootkit
  • Botnet: 2855
  • C2:
      me.jmitchelldayton.com
      otnhmtkwodm1.site
  • Attributes:
      vendor_id: 2855

MITRE ATT&CK Matrix (ATT&CK v13)

Tasks