General

  • Target

    JaffaCakes118_1f3417313142623ec2bd3926d4994255a1764f3a31a10f0a3bf0e29eed576dfc

  • Size

    41KB

  • Sample

    241224-mywveawkaq

  • MD5

    2ff506d97723dbe6b6f47d471028f404

  • SHA1

    28af34f1bf60dcf0261d71d5d927f463cacdc21a

  • SHA256

    1f3417313142623ec2bd3926d4994255a1764f3a31a10f0a3bf0e29eed576dfc

  • SHA512

    c20705ae46585d5ae81e1a3ec5a8c4f6485c2aeff10a2b9cdca65149112823fafc88be1cbb8c028b9b5ad9681706659820dfeaf2611c08dbb85c21130231d373

  • SSDEEP

    768:BBLYN1F0nZiT3SfYwvjP9ZJmaBIfVPVGJxduL6jezHJP:XCbQw3SfpnJmauf5VGJscKp

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

45.140.188.40:1194

Targets

    • Target

      9ff11eae9665a01eb5cee5ea0406287208bcbd7f6cd77a4f8901e58bdc204780

    • Size

      98KB

    • MD5

      03df5e5b3ca5751352e596e07e4ae695

    • SHA1

      ef010b4872aa127f0eca68500f769871835270df

    • SHA256

      9ff11eae9665a01eb5cee5ea0406287208bcbd7f6cd77a4f8901e58bdc204780

    • SHA512

      3b310893cc2e574ad25b22b7d3cf75d83063b5354a702a4db2699f8a1703da12ed60de581b9808fcbad74ddf524bd57e0165f70a2a9c5ec418c6ad93aced6411

    • SSDEEP

      3072:VSx+i6mqaObhNmnPNKV+qKmZuqQ4DPwXXtse:y6mRObnmnP7qKmZuqQ4DPwXXtse

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.
