General
-
Target
1e0c8821f75cf012331fb877f03149f0_JaffaCakes118
-
Size
6KB
-
Sample
240506-ybg9aaba34
-
MD5
1e0c8821f75cf012331fb877f03149f0
-
SHA1
04233fce3ef27db8dcc9019158113f7486a5d466
-
SHA256
af61080e67917e6e85d25b2032ffd30a6d2c15d304ae3a7328b46693e59f0b32
-
SHA512
734e18204fc85514d05d1bc6af6605dfcaea598bf84f4d9dec2a7a2a487e6b18363fbfd48d39d6d2b6834b44f45d4004078ae0613bb83c930b91cad5ee0715f3
-
SSDEEP
192:9Din2wZHaDygv1B0a9mvqrKiV3hLoYPxohtqhdOaxV:on2UaDrBR8tKlPChtqhdXV
Static task
static1
Behavioral task
behavioral1
Sample
1e0c8821f75cf012331fb877f03149f0_JaffaCakes118.html
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1e0c8821f75cf012331fb877f03149f0_JaffaCakes118.html
Resource
win10v2004-20240419-en
Malware Config
Extracted
http://plano.xoom.it/win.bat
Extracted
metasploit
windows/reverse_tcp
151.26.227.4:443
Targets
-
-
Target
1e0c8821f75cf012331fb877f03149f0_JaffaCakes118
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Blocklisted process makes network request
-