General
-
Target
JaffaCakes118_37670f71a35213217cab145aa7e262e0e46e411007b2d68f26e74c3d44693e95
-
Size
2.4MB
-
Sample
250102-z7fk1ayqer
-
MD5
a86e881dc52bff3f3595aa1b570ce387
-
SHA1
a7225b9ae963296097b24920a364526f78c5b9b0
-
SHA256
37670f71a35213217cab145aa7e262e0e46e411007b2d68f26e74c3d44693e95
-
SHA512
58261edf2108caa356eea20d2b82aad4fab432dfb4e7c62ec632a92979de8a197399ebc007409decc6b45969077a2fac3cfaf3c556b8685778a3f5ab8f04f6f3
-
SSDEEP
49152:6/7xSPV5yM4wgXSqFIkFEIbzaPBKH5t0I4uGysm7OFHP:6jIPVYPMGEIbzaPet0Humm7OFv
Malware Config
Targets
-
-
Target
Opensea Mint/install_modules.sh
-
Size
3KB
-
MD5
05a28430f97b6db328b9f748005718cc
-
SHA1
da28f7c62b43f2cb97e5b6a2e71eb8199bdbae5c
-
SHA256
d05559d26e8db46d562314ecc55bb8f0f17518f313cf0f2e0cff690f4240aacf
-
SHA512
d2f64b14e83b668c03af5c4f9495a7b268a7756220b74df82e54fba0edea3f374e353dd69b9c293cd51fbd6c5ecaea86072ce2895f91a09451bf0cbd2019cbdf
Score9/10-
Renames multiple (54) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
File and Directory Permissions Modification
Adversaries may modify file or directory permissions to evade defenses.
-
Executes dropped EXE
-
OS Credential Dumping
Adversaries may attempt to dump credentials to use it in password cracking.
-
Write file to user bin folder
-
MITRE ATT&CK Enterprise v15
Defense Evasion
File and Directory Permissions Modification
1Linux and Mac File and Directory Permissions Modification
1Virtualization/Sandbox Evasion
1System Checks
1