General

  • Target

    e8835433c962ff9bdc01d636ec60e84f_JaffaCakes118

  • Size

    105KB

  • Sample

    240918-g8kl8sxdnl

  • MD5

    e8835433c962ff9bdc01d636ec60e84f

  • SHA1

    4ff03e052679feb2fe227a2e60b3ad552735448d

  • SHA256

    b56c9647fa8e06213d0eeaf6542a6b15d5d96d074b2cfdc7229b8d97e3134017

  • SHA512

    2706633074883923b7bb601bada972aab812b03012eb2ed31a4b4170e148d5ec8ae93b7636c5aa6c5e48eb7936164b50036ed95a635f6cafed468c71af0b8c19

  • SSDEEP

    3072:wcrCEtwwHH12Kk2oQOGqEphahyDtjoKt28wdOD:dH8Kk5PEphahyDtjoKt28wdOD

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

51.158.109.239:379

Targets

    • Target

      e8835433c962ff9bdc01d636ec60e84f_JaffaCakes118

    Score
    7/10
    • Deletes itself

    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
