General

  • Target

    0adc2b0d3992d7945a869afaeb2bf184_JaffaCakes118

  • Size

    71KB

  • Sample

    240621-l6jz5swaje

  • MD5

    0adc2b0d3992d7945a869afaeb2bf184

  • SHA1

    353da7a46f09a934756d84f51e67fa6c32a1f7b0

  • SHA256

    2d72c18476825dfa3af0bc611f55e69d9922bc9cb1cd09409376c79a62fdc1bf

  • SHA512

    bb80b4ad4ee6c0876b223065cd5b694e8982adfab242b92f9b6fd6007f6bf65f975f4e81551e2c8d2b5e02f01c69953fd72bf3693e5f4aa396c0efd3f49f7f77

  • SSDEEP

    1536:LwOnbNQKLjWDyy1o5I0foMJUEbooPRrKKReFX3:hNQKPWDyDI0fFJltZrpReFX3

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/shikata_ga_nai

Extracted

  • Family

    metasploit

  • Version

    windows/shell_reverse_tcp

  • C2

    192.168.1.71:4444

Targets

    • Target

      0adc2b0d3992d7945a869afaeb2bf184_JaffaCakes118

    • Size

      71KB

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
