5d1e40bde6034c1f9dd1dc8e730136d331ed585a2812319cb5851f7a969856ed | Triage

Sharing

General

Target

d31e7e1630f019842d48215aa4513057_JaffaCakes118
Size

87KB
Sample

240908-agt82avhqb
MD5

d31e7e1630f019842d48215aa4513057
SHA1

6e4f47727fd8e5f24c301b208595869719c1749d
SHA256

5d1e40bde6034c1f9dd1dc8e730136d331ed585a2812319cb5851f7a969856ed
SHA512

2e9f7390df0ddce195fca5e678c64313a3814823c8cc38dafc2b8f7e4ecadb0236aadb7b9dd60d4f77bcf7817239b02d688c9d21a61c6a17f079037265ac51ff
SSDEEP

1536:pv/v5CEUjS6v8EbvSMMA1ZauPWhR9+f1krRu:pv5CE9qvSMB1WQGE

Score

9^/10

discovery

Malware Config

Targets

- Target
  
  d31e7e1630f019842d48215aa4513057_JaffaCakes118
- Size
  
  87KB
- MD5
  
  d31e7e1630f019842d48215aa4513057
- SHA1
  
  6e4f47727fd8e5f24c301b208595869719c1749d
- SHA256
  
  5d1e40bde6034c1f9dd1dc8e730136d331ed585a2812319cb5851f7a969856ed
- SHA512
  
  2e9f7390df0ddce195fca5e678c64313a3814823c8cc38dafc2b8f7e4ecadb0236aadb7b9dd60d4f77bcf7817239b02d688c9d21a61c6a17f079037265ac51ff
- SSDEEP
  
  1536:pv/v5CEUjS6v8EbvSMMA1ZauPWhR9+f1krRu:pv5CE9qvSMB1WQGE
Score

9^/10

discovery
- Contacts a large (37101) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

Internet Connection Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1