General
-
Target
223e0bac1159b31184a9ccfe6a7c91e9_JaffaCakes118
-
Size
126KB
-
Sample
240507-3pr3vshd75
-
MD5
223e0bac1159b31184a9ccfe6a7c91e9
-
SHA1
a2b5d13e00ce8063816f1c47cf2c964539f13ea5
-
SHA256
e1dd13adcffb3306d7baea74d54f030b7dccdc51e16398da55ab7a794b11dc43
-
SHA512
8d10fd10834e13cdb743e07ed896b8844da0a0ea215035ffc09bbbc26de0b502add030522a50ba233707cb04a89c2cbddf17bee882dfc1a4f341562c8019c686
-
SSDEEP
3072:K2sMWkzbJh1qZ9QW69hd1MMdxPe9N9uA0hu9TBfcX5XKY64:LbJhs7QW69hd1MMdxPe9N9uA0hu9TBgn
Static task
static1
Behavioral task
behavioral1
Sample
223e0bac1159b31184a9ccfe6a7c91e9_JaffaCakes118.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
223e0bac1159b31184a9ccfe6a7c91e9_JaffaCakes118.exe
Resource
win10v2004-20240419-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/reverse_tcp
10.0.2.15:4444
Targets
Target
223e0bac1159b31184a9ccfe6a7c91e9_JaffaCakes118
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-