General

  • Target

    72eaf9e0dd8ead16bd1025165908e41b_JaffaCakes118

  • Size

    49KB

  • Sample

    240525-xgppwaef48

  • MD5

    72eaf9e0dd8ead16bd1025165908e41b

  • SHA1

    567a9075a3e9124a50973c4ab0a1f64395b1b526

  • SHA256

    be4c49df859762dc2c7d11794f5731dd498698158b11a9ff18b3f91fdc1f591a

  • SHA512

    a9f09063322a978a8dfb1ba8544b63db291e1ace0194ed8f242d43ed1fb75f847d0e51c74ac4e03abf2bac5f84894d43d5878ed7c9add249297ac584dcdaa671

  • SSDEEP

    768:GlW7aYQ3ulHyXirDpLdOEszh208/2brW/xZwErd5H0GC47CqpA:/7aKxOEWh208/2brW/vrd9JC47W

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://31.44.184.125:80/tYX7

Attributes
  • headers User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; ASU2JS)

Targets

    • Target

      72eaf9e0dd8ead16bd1025165908e41b_JaffaCakes118

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
