General

  • Target

    0486e60ab6e829ec199a4fef0876a546_JaffaCakes118

  • Size

    132KB

  • MD5

    0486e60ab6e829ec199a4fef0876a546

  • SHA1

    99ef3286f95bf24024686adb07dcd48f66e67930

  • SHA256

    8f369c9c502820607029481caf83e5a470c5dfcf6ef0a2fc9b86198db21e5fdc

  • SHA512

    1bc132a50153c5164cf48f8e2199fa5969d5a7f7bd3ae95841849cd97916a5acc792ea61e66465e09c8a4201be0de7c8a647329dc3f2b60b31ec20918e005866

  • SSDEEP

    3072:8l8OXUyQPrRViImiUtsavtfqMUObkFlnFwtE:zOEyQPrQIalf2Oo9Z

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.206.136:43287

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0486e60ab6e829ec199a4fef0876a546_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    834a107ad82ab45d9b44d283c7d4b679

