General
-
Target
f6cf0dcc1dc2f98a1ce0736486da517c_JaffaCakes118
-
Size
298KB
-
Sample
240417-3jmk7ahg38
-
MD5
f6cf0dcc1dc2f98a1ce0736486da517c
-
SHA1
cd8d7c54127042641fa92b32cbfb92f470e2de07
-
SHA256
67d4ac0f317775f2a87952330ff5ffb7147e00fc0e79396b15ba0c42993c3077
-
SHA512
3b759a866eb0aa52f9ab39fb911c659c30881bcedff1b144ced2fa18c82d0a1337fd92e986dcca553e4433f1f5093971fed7a1575333501cc3bc61d1279f3507
-
SSDEEP
6144:x1MRCVX+nX58rYK4mugGGDo62cjJKPG1RuyioAJkQJcdG80ejeZlND:MYZ+nXeEHio621O/qVSQ2GHT/V
Behavioral task
behavioral1
Sample
f6cf0dcc1dc2f98a1ce0736486da517c_JaffaCakes118.pdf
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
f6cf0dcc1dc2f98a1ce0736486da517c_JaffaCakes118.pdf
Resource
win10v2004-20240412-en
Behavioral task
behavioral3
Sample
Aula2.exe
Resource
win7-20240220-en
Behavioral task
behavioral4
Sample
Aula2.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
metasploit
windows/shell_reverse_tcp
200.144.154.17:4444
Targets
-
-
Target
f6cf0dcc1dc2f98a1ce0736486da517c_JaffaCakes118
-
Size
298KB
-
MD5
f6cf0dcc1dc2f98a1ce0736486da517c
-
SHA1
cd8d7c54127042641fa92b32cbfb92f470e2de07
-
SHA256
67d4ac0f317775f2a87952330ff5ffb7147e00fc0e79396b15ba0c42993c3077
-
SHA512
3b759a866eb0aa52f9ab39fb911c659c30881bcedff1b144ced2fa18c82d0a1337fd92e986dcca553e4433f1f5093971fed7a1575333501cc3bc61d1279f3507
-
SSDEEP
6144:x1MRCVX+nX58rYK4mugGGDo62cjJKPG1RuyioAJkQJcdG80ejeZlND:MYZ+nXeEHio621O/qVSQ2GHT/V
Score1/10 -
-
-
Target
Aula2.pdf
-
Size
72KB
-
MD5
5e24c8827ad466ed0a7013541ef406f8
-
SHA1
52620b5364af8cb831966df388d176583f7bd612
-
SHA256
40f06077e5f0a940f41a1fec21c082bcb173be11904e3101a543b4d8154fc9ae
-
SHA512
ad9930ea99e94ebbabb32bfd71ec299258a64a7d6a46bdcb5468fcc4388c3a461f1996ee55211781dcb7c97f74a37119bc0d91051252ac41ac70c2211d0b1aba
-
SSDEEP
1536:IMGk/icqfajENCZnssaL5eiTn4Mb+KR0Nc8QsJq39:HG+tjEO5e0Nc8QsC9
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-