General
-
Target
1d2f027e6f6d546e2bca73d98c2f87f9_JaffaCakes118
-
Size
38KB
-
Sample
240506-s17btabh82
-
MD5
1d2f027e6f6d546e2bca73d98c2f87f9
-
SHA1
bb4b15ef1bc5107b861d74174c3cada9f8d7afa2
-
SHA256
7a32719cd5cdacb9aac09218cf555a63aeaff0711d07e6468e87739e09aaf108
-
SHA512
c55afdf0a5577e8982e13bb79f7252b756e50d9117a2f29016b9d6710b7940cf1af51525e54a3847e92aa3bdee7404e405e48a531dae7a5f2ce02c3e206b75a2
-
SSDEEP
768:1BAk3hbdlylKsgqopeJBWhZFGkE+cL2NdAJCWNP/nqWujwaJRYM+gBToD+pLK4Ed:7Ak3hbdlylKsgqopeJBWhZFGkE+cL2Nw
Behavioral task
behavioral1
Sample
1d2f027e6f6d546e2bca73d98c2f87f9_JaffaCakes118.xls
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
1d2f027e6f6d546e2bca73d98c2f87f9_JaffaCakes118.xls
Resource
win10v2004-20240419-en
Malware Config
Extracted
metasploit
windows/reverse_tcp
46.101.51.212:4444
Targets
Target
1d2f027e6f6d546e2bca73d98c2f87f9_JaffaCakes118
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
-