General
-
Target
1953435453f91d6334a0c40d568de09c_JaffaCakes118
-
Size
55KB
-
Sample
240329-fwnbxsbc23
-
MD5
1953435453f91d6334a0c40d568de09c
-
SHA1
f45f0bc8f201e22072c6f273e15e5af7d79970c8
-
SHA256
89e86f848bf51d77fa141bff00641f24b053bdbb246c7ffab559c7acc64e0d91
-
SHA512
efcc4d18afc7e6733cb7a7afead6266545094393912b61592b88c3f3e8bcda68382fd94d73fb3cd090d8965c961a14b1bbb59ea34c36dd70629d0140767b0253
-
SSDEEP
1536:3kWrVmGeMW1waT5vkmmks5UBr0umEp0/s:3kWYGZ0knks6BouIs
Behavioral task
behavioral1
Sample
tulacrupatatecru.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
tulacrupatatecru.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
192.168.1.29:1605
Targets
-
-
Target
tulacrupatatecru.exe
-
Size
43KB
-
MD5
a952d7eb92d8740a9d70b20026ddc564
-
SHA1
f4a66103fdcd1b57bab65b0bbb167935b9593850
-
SHA256
807683558e505a336fc469d0ed066991451b2ea5c0d9bb781d84f3b4769e2026
-
SHA512
116d434369f47771bafb61108f14d277d1087400a24bb47c50f6b104021a4310c67fa705954ce4d6394ce3631874ebe1ce7ced3b801df390b2ae05c175116559
-
SSDEEP
768:NFkP6UQpP7R72qQLBKrX9Dqc+D9XWOsWAoLnd:Q6UQpD92qQqNDqc+5GOfRLnd
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-