General
Target: 06e0998e9c8ae7ba03cf2c5e10c3a2c9_JaffaCakes118
Size: 115KB
Sample: 240429-fqjrjsbe61
MD5: 06e0998e9c8ae7ba03cf2c5e10c3a2c9
SHA1: e144ed0a39d7b2f71fd1f29a3e2a6cd97a6db4a3
SHA256: 31a8593b18120bcd4f5060bbece6be1396e158ba439b8315a22774dda3e98413
SHA512: cf9bface8227dca4432f6f33ec4249186095ff7def63f5dd15c7690695d9d0c9feefcaac3a8fc394f8c9ba2f7c1dd4e21866e1a5a3eb2dfcecd49481a1ee2375
SSDEEP: 1536:mAG1udvDu3xv+pekyzdJNWiKuBGjsJIGgVawLkRyvj:HGwd8GCWSIGQawLi
Behavioral task: behavioral1
Sample: 06e0998e9c8ae7ba03cf2c5e10c3a2c9_JaffaCakes118.doc
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: 06e0998e9c8ae7ba03cf2c5e10c3a2c9_JaffaCakes118.doc
Resource: win10v2004-20240419-en
Malware Config
Extracted
metasploit
windows/download_exec
http://192.168.0.30:80/nQCZ
- headers User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0)
Targets
Target: 06e0998e9c8ae7ba03cf2c5e10c3a2c9_JaffaCakes118
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.