General
Target
2ce9781cec2f025011f227c1b48e0e4b_JaffaCakes118
Size
35KB
Sample
240510-c1apvadh2y
MD5
2ce9781cec2f025011f227c1b48e0e4b
SHA1
9a6b6a23079e1afdcbb45cf0ebb840a62ac0eed9
SHA256
b53509b8ac150a97e626255ef30563799eb623677dff85cc0775aaf919f64295
SHA512
54b1a0cd2e999a1da7d5fc3e3008d34fdfcb9503eae5905cada34fd7f31603c271b914cbc8603f4c34da5ea5ebb4c27b8d8763fbae1cbb182f17e4db4f837acf
SSDEEP
768:ZK1Tgbyw3sz25o16yN9rjXjBCKs2bATlFFdmSSQcG+88S7+pTMV:ZK1Tgbyw3sz25o16yN9rjXjBCKs2ATl1
Behavioral task
behavioral1
Sample
2ce9781cec2f025011f227c1b48e0e4b_JaffaCakes118.xls
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
2ce9781cec2f025011f227c1b48e0e4b_JaffaCakes118.xls
Resource
win10v2004-20240508-en
Malware Config
Extracted
metasploit
windows/reverse_http
http://192.168.100.48:441/epZt6KpNHVkE8QXwX9EXsAw6NTHtiHB3ZMNlDj2auAy4BjiwEXhsiO
Targets
Target
2ce9781cec2f025011f227c1b48e0e4b_JaffaCakes118
Score 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Process spawned suspicious child process
This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.