General

  • Target

    fd2876675fa2c559391ececc0b27732d_JaffaCakes118

  • Size

    115KB

  • Sample

    240928-z5f4rawgnp

  • MD5

    fd2876675fa2c559391ececc0b27732d

  • SHA1

    cb8e4167a43bab98229cccc138245e6f3c282f9d

  • SHA256

    ecd83fcfdade75c0bf223d15ac119ba1d5fc89590eadaa72e8f675cd8e09fa7d

  • SHA512

    9dd83b1cbd3b45413feaf0816c757b534b483ce26d509dc91e956af99b5abddcebab24c6220d1cf75e4a0868cc1e9464910e202934dab9efaad83ecf0a804761

  • SSDEEP

    1536:17jR1T5Sq+Xh8ZqV92rKLIty+cIFGz9n49DVnTLemYG4CjLimWtFGXwcf9H2LZr:bnRqzIWrzupVnT/B4C3imWnGXwc52LZr

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

51.68.213.103:23

Targets

    • Target

      fd2876675fa2c559391ececc0b27732d_JaffaCakes118

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
