General

  • Target

    JaffaCakes118_2d0c430ad6e5b988fddc1d79e11172e999d0200661539720650f812a2a4e7d8a

  • Size

    75KB

  • Sample

    241225-agm5qa1pes

  • MD5

    3d135163834b91474ce31bed2d229ba0

  • SHA1

    1edfd9e4139ccf241bff6901826893c5af486ff9

  • SHA256

    2d0c430ad6e5b988fddc1d79e11172e999d0200661539720650f812a2a4e7d8a

  • SHA512

    34aae932238b974aae0d296bd21185e61118017346045ce811ad1840429decefb13e26e4ed1b45246cfe75163437dff2b63039aa2f8142bed44137dbfc2a19e2

  • SSDEEP

    1536:+wZTgJnDX4Gc+0hsV3ikg80DL6RilMLjIr+a:+wZTgJnD42csVSt80H6J/ja

Score
10/10

Malware Config

Extracted

Family

gafgyt

C2

45.140.188.40:1194

Targets

    • Target

      94868968b95abcbbc4c5265cbb21de309333d533fcb0fd77e7b1d3e4e37cc30c

    • Size

      210KB

    • MD5

      46267a81556ebcf0b55bd580d9b5d681

    • SHA1

      abd003e476c45ac626e2fce403a8006208bd08ba

    • SHA256

      94868968b95abcbbc4c5265cbb21de309333d533fcb0fd77e7b1d3e4e37cc30c

    • SHA512

      18704c2d0c1dd07ced7ab8d25deaa992f592c8c7e40d7b8a9eaf5feefe764855a0ad1c0fdf330fb4883763703835371aea8945231a23884664d49a5cb47edf1c

    • SSDEEP

      3072:RH2f5PcP0CaNeMKg04dXdb6TIYAlnoLi39IaGdx6Nc/9kixPOdVmN3Ko5yDOH/px:RH2talaC1Y60pIy9ciBRoPcmyW492hSk

    Score
    6/10
    • Reads system routing table

      Gets active network interfaces from /proc virtual filesystem.

MITRE ATT&CK Enterprise v15

Tasks