General
-
Target
303f486490b099a40f8786abd53fb7f8_JaffaCakes118
-
Size
195KB
-
Sample
240510-v5hv5acc42
-
MD5
303f486490b099a40f8786abd53fb7f8
-
SHA1
fb834998ffd0a056fc435270702609f66bf5b377
-
SHA256
b8a1ecdac45c0d6c815cc70031cb0549b3a8a4dec7adeb8b1e216549e52cbaa9
-
SHA512
eb3a1409ca7492a13a516016cc9b3a95cbc09ff9805432c75f3b4f4bb61855d1471ec56c6569eec459b1cb90658822574be74954615bfd7df8945807cdd4f7cb
-
SSDEEP
6144:TdTg+9TSueE1+lyrgIOU243CXlWzcYtZaPN:NgO+lUb2DX2Z6N
Behavioral task
behavioral1
Sample
303f486490b099a40f8786abd53fb7f8_JaffaCakes118.docm
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
303f486490b099a40f8786abd53fb7f8_JaffaCakes118.docm
Resource
win10v2004-20240508-en
Malware Config
Extracted
metasploit
windows/reverse_tcp
192.168.2.81:4444
Targets
Target
303f486490b099a40f8786abd53fb7f8_JaffaCakes118
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Loads dropped DLL
-