General

  • Target

    b11c5aacf893fd93a2d000a8c459748a_JaffaCakes118

  • Size

    181KB

  • Sample

    240616-bwkhtatema

  • MD5

    b11c5aacf893fd93a2d000a8c459748a

  • SHA1

    52b331fe7943e0b582a0d749aee8469111745640

  • SHA256

    1245b87af2ba4d0d36fa4909135d92a2bcbe5e2de23489bc8b9d5896c157b60e

  • SHA512

    bc72004327f844ef1ef1fe7825413f9fb3ad4fe58b76c1f8f8f728b844b240cc4db5da3f0e32eedc6e35dc670735b6c41d892335cdc340187b957f1a0130ad9c

  • SSDEEP

    3072:Y9UCwvaTRltG3nB6OUaXw0iKo5n9NPzH/xWtfUkHNSO1fRafDw4k9pxe:YWZl/UaXw0iKkn91/xWpcOfRqDw4k9pE

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

176.123.26.89:23

Targets

    • Target

      b11c5aacf893fd93a2d000a8c459748a_JaffaCakes118

    • Size

      181KB

    • MD5

      b11c5aacf893fd93a2d000a8c459748a

    • SHA1

      52b331fe7943e0b582a0d749aee8469111745640

    • SHA256

      1245b87af2ba4d0d36fa4909135d92a2bcbe5e2de23489bc8b9d5896c157b60e

    • SHA512

      bc72004327f844ef1ef1fe7825413f9fb3ad4fe58b76c1f8f8f728b844b240cc4db5da3f0e32eedc6e35dc670735b6c41d892335cdc340187b957f1a0130ad9c

    • SSDEEP

      3072:Y9UCwvaTRltG3nB6OUaXw0iKo5n9NPzH/xWtfUkHNSO1fRafDw4k9pxe:YWZl/UaXw0iKkn91/xWpcOfRqDw4k9pE

    Score
    9/10
    • Contacts a large (6694) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.
