General

  • Target

    0a92889623baa76c6722a5e6d15e6fa0_JaffaCakes118

  • Size

    476KB

  • Sample

    240621-krzxdatclf

  • MD5

    0a92889623baa76c6722a5e6d15e6fa0

  • SHA1

    27599fb6f6b2a0c9b73c5acc02029ec18656cf03

  • SHA256

    774bddb87a76f71a4a76e2281b7dbd77b9ea535b0741e9f203cbd6c9deb24cb3

  • SHA512

    d456823881040a2c69d5b2ca7d50fa6df4b8e4b26141ad3b12e94ebf35008db4a9dca801a9cdbc427b3fb887636336bac5845ca6b8862c5eb844159f079739c0

  • SSDEEP

    12288:v743NHanev1s4kd83ubHX2+v1g8YyCCTlaG9PnV6I:jgN6nY13ebHX2+tlNl7V6

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/shikata_ga_nai

Extracted

  • Family

    metasploit

  • Version

    windows/shell_reverse_tcp

  • C2

    192.168.56.1:31337

Targets

    • Target

      0a92889623baa76c6722a5e6d15e6fa0_JaffaCakes118

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
