General
Target: 81d819dea19ee3bb68e4fc270ef6137c_JaffaCakes118
Size: 16KB
Sample: 240529-zergssha91
MD5: 81d819dea19ee3bb68e4fc270ef6137c
SHA1: 7e878ab341636f6cd2ef5800979e2c2810dacff0
SHA256: 5c1d901f04a966c1b3017696a6541143e1948d2373603b39efaf8d192408b435
SHA512: 01673a25cd2acf376636ce9825f83b8c4792d7449985d25ed3ddcbae9451acfcf7e01cf798eb06b334df57c1b190a4c2d2aeb84523fc228492c64dea0f997a9a
SSDEEP: 192:5d9slT64N6d7aIbEaS5pqYMYXai9jOXbI+VNJypif7vF6Unb2/VS5shxu:5dRFEaoq7kjILVNJXp6Unb205s
Static task: static1
Behavioral task: behavioral1
Sample: 81d819dea19ee3bb68e4fc270ef6137c_JaffaCakes118.dll
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: 81d819dea19ee3bb68e4fc270ef6137c_JaffaCakes118.dll
Resource: win10v2004-20240508-en
Malware Config
Extracted: metasploit
Payload: windows/reverse_winhttp
Stager URL: https://1.tcp.cpolar.cn:20784/GzpeqbOPBJcyoTOgbc2pJwb-QePe0oW4h0_9IqjDapTaaAnz-tG_XqBmtRXdGdwpolYMmLYDcD1JqqbjMJ-rnOqoI1k3PzExMmzFdIl6vs7R3_4QKrHEp26utMSXhwBYOu
Note: windows/reverse_winhttp is the 32-bit WinHTTP stager (the 64-bit variant is windows/x64/reverse_winhttp). The listener is reached through a cpolar TCP tunnel (1.tcp.cpolar.cn:20784), so the hostname and port identify the tunnel provider, not the operator's own infrastructure; block or hunt on the full URL pattern rather than the host alone.
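The path in the extracted URL is not random. Metasploit's reverse_http, reverse_https and reverse_winhttp stagers choose a path whose 8-bit byte-sum checksum (Rex::Text.checksum8) tells the handler what kind of request it is (92 for a first-stage Windows/native request, 80 Python, 88 Java, 98 for an existing session reconnecting), and whose first 22 base64url characters carry the 16-byte payload UUID (an 8-byte payload id, two XOR keys, the XOR-masked platform and architecture ids and the XOR-masked generation timestamp). The script below is an added example written for this page, not code from the sandbox vendor or from the Metasploit project; it reimplements that classification in Python so the extracted URL can be decoded offline. The mode table and the UUID byte layout follow the framework's UriChecksum and Msf::Payload::UUID modules as I know them, the platform/architecture name tables are a subset of the framework's, and the values passed to make_uuid and build_stager_uri in the round-trip are constructed.

```python
"""Decode a Metasploit reverse_http(s)/winhttp stager URI.

The handler classifies a request by checksum8 (byte sum mod 256) of the
base64url characters in the path, and reads the 16-byte payload UUID from
the first 22 of those characters. Constants and layout follow Metasploit's
UriChecksum and Msf::Payload::UUID modules; the name tables are a subset.
"""
import base64
import os
import struct
from urllib.parse import urlsplit

# URL extracted by the sandbox from this sample (copied from the report above).
PAGE_URL = "https://1.tcp.cpolar.cn:20784/GzpeqbOPBJcyoTOgbc2pJwb-QePe0oW4h0_9IqjDapTaaAnz-tG_XqBmtRXdGdwpolYMmLYDcD1JqqbjMJ-rnOqoI1k3PzExMmzFdIl6vs7R3_4QKrHEp26utMSXhwBYOu"

# checksum8 value -> request mode. 92 serves both INITW (Windows) and INITN
# (native); INITP/INITJ are the Python and Java stagers; CONN is a reconnect.
URI_CHECKSUM_MODES = {92: "INITW/INITN", 80: "INITP", 88: "INITJ", 98: "CONN"}
URI_CHECKSUM_UUID_MIN_LEN = 22  # 16 raw bytes as unpadded base64url
B64URL = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_"
# Subset of the framework's Platforms / Architectures tables.
PLATFORMS = {1: "windows", 3: "android", 4: "java", 6: "linux"}
ARCHES = {1: "x86", 2: "x64"}


def checksum8(s: str) -> int:
    """Rex::Text.checksum8: sum of the bytes modulo 256."""
    return sum(s.encode("ascii")) % 256


def bare_uri(path: str) -> str:
    """Strip everything outside the base64url alphabet, as the handler does."""
    return "".join(c for c in path if c in B64URL)


def parse_uuid(raw: bytes) -> dict:
    """Raw UUID layout ('a8C4N'): 8-byte puid, xor1, xor2, platform ^ xor1,
    arch ^ xor2, big-endian timestamp ^ (xor1 xor2 xor1 xor2)."""
    puid, xor1, xor2, plat, arch, ts = struct.unpack(">8sBBBBI", raw[:16])
    time_xor = int.from_bytes(bytes([xor1, xor2, xor1, xor2]), "big")
    plat_id, arch_id = plat ^ xor1, arch ^ xor2
    return {
        "puid": puid.hex(),
        "platform_id": plat_id,
        "platform": PLATFORMS.get(plat_id, "other"),
        "arch_id": arch_id,
        "arch": ARCHES.get(arch_id, "other"),
        "timestamp": ts ^ time_xor,  # Unix time the payload was generated
    }


def classify_uri(path: str) -> dict:
    """Classify a request path the way the Metasploit HTTP handler does."""
    bare = bare_uri(path)
    csum = checksum8(bare)
    info = {"checksum8": csum, "mode": URI_CHECKSUM_MODES.get(csum), "uuid": None}
    if info["mode"] and len(bare) >= URI_CHECKSUM_UUID_MIN_LEN:
        # Only the first 22 chars carry the UUID; the rest is checksum padding.
        info["uuid"] = parse_uuid(base64.urlsafe_b64decode(bare[:22] + "=="))
    return info


def classify_url(url: str) -> dict:
    """Only the path takes part in the checksum, never the host or port."""
    return classify_uri(urlsplit(url).path)


def make_uuid(platform_id: int, arch_id: int, timestamp: int, puid: bytes = None) -> bytes:
    """Build a raw 16-byte UUID with fresh XOR keys (inverse of parse_uuid)."""
    puid = puid or os.urandom(8)
    xor1, xor2 = os.urandom(2)
    time_xor = int.from_bytes(bytes([xor1, xor2, xor1, xor2]), "big")
    return struct.pack(">8sBBBBI", puid, xor1, xor2,
                       platform_id ^ xor1, arch_id ^ xor2, timestamp ^ time_xor)


def build_stager_uri(mode_sum: int, uuid_raw: bytes, length: int = 30) -> str:
    """Produce a path that decodes to uuid_raw and checksums to mode_sum by
    appending random padding until the sum matches (the framework's generator
    brute-forces the same way). Four padding chars reach every residue mod 256."""
    head = base64.urlsafe_b64encode(uuid_raw).decode().rstrip("=")
    if length < len(head) + 4:
        raise ValueError("length too short to reach every checksum value")
    while True:
        pad = "".join(B64URL[b % 64] for b in os.urandom(length - len(head)))
        if checksum8(head + pad) == mode_sum:
            return "/" + head + pad


if __name__ == "__main__":
    print(classify_url(PAGE_URL))
```

Run against the extracted URL, classify_url reports checksum8 92, i.e. a first-stage Windows request, and a UUID whose platform and architecture fields decode to windows/x86, which matches the 32-bit windows/reverse_winhttp stager the sandbox identified. The same check, applied to proxy logs, flags any path in a Metasploit mode class; it is cheap, but note that the checksum alone has a 4/256 false-positive rate on random base64url paths, so pair it with the UUID decode (a plausible platform id and timestamp) before alerting.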
Targets
Target: 81d819dea19ee3bb68e4fc270ef6137c_JaffaCakes118
Score: 10/10
MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Blocklisted process makes network request