General
-
Target
3a71e06b5682fcb566d0311ef0508123_JaffaCakes118
-
Size
1.0MB
-
Sample
240330-mn3vzadd9x
-
MD5
3a71e06b5682fcb566d0311ef0508123
-
SHA1
4f5842dbedd58e9833f661fb9cca693493c9a01d
-
SHA256
5d222087e9cc1a6dc153e8f69ddd1288badf5793442922f413af394fffc7ab38
-
SHA512
cd3024c5b8dc2c8217bd4c6ffcd3573a112a70d0ae2e6b4f21ad7fd2f352c670edf9d2b0a7097fe155bc938091a90bdc7dca8db0c148ac5a3c94014d5e76da0f
-
SSDEEP
12288:d716fd+H6mAn3HMHQKOfmv4SBZaRtkuyQrioUaDBfLSpQOhygGyBjPVP+PVPXP04:t16fdIAiHOfgDaRt/HeoUaDBfLoxcjy
Static task
static1
Behavioral task
behavioral1
Sample
3a71e06b5682fcb566d0311ef0508123_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
3a71e06b5682fcb566d0311ef0508123_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
metasploit
windows/shell_reverse_tcp
73.61.110.191:4444
Targets
Target
3a71e06b5682fcb566d0311ef0508123_JaffaCakes118
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-