General

  • Target

    021bf4ebf999ef42f95ef609a98e1bb9_JaffaCakes118

  • Size

    72KB

  • Sample

    240622-plx8taxhmb

  • MD5

    021bf4ebf999ef42f95ef609a98e1bb9

  • SHA1

    023c12bdc035b6a4590744bb9448e3490b82510d

  • SHA256

    2770296bc1c55f93a7ecab82e326036c32efd04bb7123b33dd1f19ed6182bdc7

  • SHA512

    99429c3d60370fda1f6828406d84dc7bcc2ca7b6dd6a800856ba5718ff6b84fd32b67e22505b20536aaa8b46a5580174ce4a51e16aa33ce957ea8148f04cc7a5

  • SSDEEP

    1536:IITcq9iRfkpbBP/DpPNcOFMb+KR0Nc8QsJq39:viR+NP/FPyWe0Nc8QsC9

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

172.16.158.1:31337

Targets

    • Target

      021bf4ebf999ef42f95ef609a98e1bb9_JaffaCakes118

    • Size

      72KB

    • MD5

      021bf4ebf999ef42f95ef609a98e1bb9

    • SHA1

      023c12bdc035b6a4590744bb9448e3490b82510d

    • SHA256

      2770296bc1c55f93a7ecab82e326036c32efd04bb7123b33dd1f19ed6182bdc7

    • SHA512

      99429c3d60370fda1f6828406d84dc7bcc2ca7b6dd6a800856ba5718ff6b84fd32b67e22505b20536aaa8b46a5580174ce4a51e16aa33ce957ea8148f04cc7a5

    • SSDEEP

      1536:IITcq9iRfkpbBP/DpPNcOFMb+KR0Nc8QsJq39:viR+NP/FPyWe0Nc8QsC9

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

MITRE ATT&CK Matrix

Tasks