General
-
Target
4d12df4ec5f2f0ce59d5d9ffd12feda7_JaffaCakes118
-
Size
34KB
-
Sample
240516-z749csha5s
-
MD5
4d12df4ec5f2f0ce59d5d9ffd12feda7
-
SHA1
c6da737b88b43b4f3d67ddbb5db2cfb9fb79c49e
-
SHA256
036758a7559851fa28c9d93224ffde645a46b735c7c582e055c5f3316f43fea6
-
SHA512
29f6c6e0963f76c831b31d22bbe761a066b3ebf927dc34d97edf153782c2e29c4e49242bb394499b10073c5dfa275977afc4f576b2b046b602244ba042e5abe8
-
SSDEEP
768:q6jXMn2wvcNLIWMS0hvmA/O4m8SSk2SWaMYA+AitHjN:RA2pLpMth5NNWWhY0it5
Malware Config
Extracted
metasploit
windows/download_exec
http://shop.redlist.cyou:443/QXpC
http://fangfuzi.flashdiaoyu.pw:2053/x3fK
Targets
-
-
Target
4d12df4ec5f2f0ce59d5d9ffd12feda7_JaffaCakes118
-
Size
34KB
-
MD5
4d12df4ec5f2f0ce59d5d9ffd12feda7
-
SHA1
c6da737b88b43b4f3d67ddbb5db2cfb9fb79c49e
-
SHA256
036758a7559851fa28c9d93224ffde645a46b735c7c582e055c5f3316f43fea6
-
SHA512
29f6c6e0963f76c831b31d22bbe761a066b3ebf927dc34d97edf153782c2e29c4e49242bb394499b10073c5dfa275977afc4f576b2b046b602244ba042e5abe8
-
SSDEEP
768:q6jXMn2wvcNLIWMS0hvmA/O4m8SSk2SWaMYA+AitHjN:RA2pLpMth5NNWWhY0it5
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-