General

  • Target

    fee9cf8ec3de16009f0ffecdb2a8a831_JaffaCakes118

  • Size

    291KB

  • Sample

    240929-txkjba1eqn

  • MD5

    fee9cf8ec3de16009f0ffecdb2a8a831

  • SHA1

    93af1af6f4d7ba623f03892032a805a099e2ab3c

  • SHA256

    155f0bd1a6d92bf811c5157707eec4780d4b17cf6fb1166200a9d1ab9b93da48

  • SHA512

    70e7e5b0810df304774d547d14546b13dfea0e4a69775589ec1d9727868e0dba9db76948749274ebfd11551465ec6a432edc77ead4111f713abc10fb713f6e66

  • SSDEEP

    6144:/FVFmmoBy8TCukZw8db2cETk0MmsN6798y89xih5Mp:9mhy8TCukZJ2cETkAs2jU

Malware Config

Extracted

Family

nanocore

Version

1.2.2.0

C2

netserv.serveftp.com:55128

176.31.174.37:55128

Mutex

4b736bf9-5142-40fe-ab51-5c64053db0ff

Attributes

  • activate_away_mode

    true

  • backup_connection_host

    176.31.174.37

  • backup_dns_server

    8.8.4.4

  • buffer_size

    65535

  • build_time

    2015-04-03T18:30:02.293302936Z

  • bypass_user_account_control

    true

  • bypass_user_account_control_data

  • clear_access_control

    true

  • clear_zone_identifier

    false

  • connect_delay

    4000

  • connection_port

    55128

  • default_group

    Default

  • enable_debug_mode

    true

  • gc_threshold

    1.048576e+07

  • keep_alive_timeout

    30000

  • keyboard_logging

    false

  • lan_timeout

    2500

  • max_packet_size

    1.048576e+07

  • mutex

    4b736bf9-5142-40fe-ab51-5c64053db0ff

  • mutex_timeout

    5000

  • prevent_system_sleep

    false

  • primary_connection_host

    netserv.serveftp.com

  • primary_dns_server

    8.8.8.8

  • request_elevation

    true

  • restart_delay

    5000

  • run_delay

    0

  • run_on_startup

    false

  • set_critical_process

    true

  • timeout_interval

    5000

  • use_custom_dns_server

    false

  • version

    1.2.2.0

  • wan_timeout

    8000

Targets

    • Target

      fee9cf8ec3de16009f0ffecdb2a8a831_JaffaCakes118

    • Size

      291KB

    • MD5

      fee9cf8ec3de16009f0ffecdb2a8a831

    • SHA1

      93af1af6f4d7ba623f03892032a805a099e2ab3c

    • SHA256

      155f0bd1a6d92bf811c5157707eec4780d4b17cf6fb1166200a9d1ab9b93da48

    • SHA512

      70e7e5b0810df304774d547d14546b13dfea0e4a69775589ec1d9727868e0dba9db76948749274ebfd11551465ec6a432edc77ead4111f713abc10fb713f6e66

    • SSDEEP

      6144:/FVFmmoBy8TCukZw8db2cETk0MmsN6798y89xih5Mp:9mhy8TCukZJ2cETkAs2jU

MITRE ATT&CK Enterprise v15

Tasks
