General

  • Target

    f16c15ada304dd64e7b3b00dd4417c3e_JaffaCakes118

  • Size

    97KB

  • Sample

    240922-gtfdzavfra

  • MD5

    f16c15ada304dd64e7b3b00dd4417c3e

  • SHA1

    47f98785fa32a23f813949e830759c81ed94b9af

  • SHA256

    50538ff9d7f97c4b8c1e37f74462e199d91319e9df2e9c26d3a07da30ed65dcf

  • SHA512

    1823a4b0f055ec3ea3ddf8b91add1d0eaaf506b7e417aa960cffe9798e36c6c57de9621ddf5153dda7182a051129b88f79d97bf3b8911dd5762fcb062878b7a6

  • SSDEEP

    1536:opVExNAkP07kGRG5ByufTZUi7FRf6sYchCZNevpo:uaUkP8kGRi5fTj7Hf6sYLZH

Score
10/10

Malware Config

Extracted

Family

limerat

Attributes
  • antivm

    false

  • c2_url

    https://pastebin.com/raw/tB8Ub6Me

  • download_payload

    false

  • install

    false

  • pin_spread

    false

  • usb_spread

    false

Targets

    • Target

      f16c15ada304dd64e7b3b00dd4417c3e_JaffaCakes118

    Score
    10/10
    • LimeRAT

      Simple yet powerful RAT for Windows machines written in .NET.

    • Legitimate hosting services abused for malware hosting/C2
