General

  • Target: 79949bbec90a663289312a4bcb043aeb_JaffaCakes118
  • Size: 420KB
  • Sample: 241028-peb21ayfpe
  • MD5: 79949bbec90a663289312a4bcb043aeb
  • SHA1: 14b39b97dd2564d2bee5bdbb166552a5e15b8c1f
  • SHA256: 0b0818a3e82b1653a0160daedf39b18f4dd2a1b41661928451e5a26c4b6392a7
  • SHA512: 09ffa62f1af6bb6f0bb00fc9da3c6e59abaabc9c1e461a8dd3391d205ad3f0d3d4fa18e063230fdfefe4ddb105adbe8a5795d05d1414cf142cc80669c0628f1c
  • SSDEEP: 12288:gOOOYs0vs0vs0vs0B53OZjoI0/XJ2dGPDi0sMUEzSxFEqW:Gs0vs0vs0vs0X80PJPP

Malware Config

Extracted

Family: nanocore
Version: 1.2.2.0
C2: grene231.ddns.net:9017
Mutex: 050c3e25-856b-443b-ae6e-44a1fa0b6039

Attributes
  • activate_away_mode: true
  • backup_connection_host: grene231.ddns.net
  • backup_dns_server: 8.8.4.4
  • buffer_size: 65535
  • build_time: 2018-12-09T09:11:12.426017136Z
  • bypass_user_account_control: true
  • bypass_user_account_control_data
  • clear_access_control: true
  • clear_zone_identifier: false
  • connect_delay: 4000
  • connection_port: 9017
  • default_group: Vala
  • enable_debug_mode: true
  • gc_threshold: 1.048576e+07
  • keep_alive_timeout: 30000
  • keyboard_logging: false
  • lan_timeout: 2500
  • max_packet_size: 1.048576e+07
  • mutex: 050c3e25-856b-443b-ae6e-44a1fa0b6039
  • mutex_timeout: 5000
  • prevent_system_sleep: false
  • primary_connection_host: grene231.ddns.net
  • primary_dns_server: 8.8.8.8
  • request_elevation: true
  • restart_delay: 5000
  • run_delay: 0
  • run_on_startup: false
  • set_critical_process: true
  • timeout_interval: 5000
  • use_custom_dns_server: false
  • version: 1.2.2.0
  • wan_timeout: 8000

Targets

    • Target: 79949bbec90a663289312a4bcb043aeb_JaffaCakes118
    • Size: 420KB
    • MD5: 79949bbec90a663289312a4bcb043aeb
    • SHA1: 14b39b97dd2564d2bee5bdbb166552a5e15b8c1f
    • SHA256: 0b0818a3e82b1653a0160daedf39b18f4dd2a1b41661928451e5a26c4b6392a7
    • SHA512: 09ffa62f1af6bb6f0bb00fc9da3c6e59abaabc9c1e461a8dd3391d205ad3f0d3d4fa18e063230fdfefe4ddb105adbe8a5795d05d1414cf142cc80669c0628f1c
    • SSDEEP: 12288:gOOOYs0vs0vs0vs0B53OZjoI0/XJ2dGPDi0sMUEzSxFEqW:Gs0vs0vs0vs0X80PJPP

MITRE ATT&CK Enterprise v15

Tasks
