General

  • Target

    00c19004ac2efc80f0e786e0dd40d4c3_JaffaCakes118

  • Size

    132KB

  • Sample

    240623-z19khawakr

  • MD5

    00c19004ac2efc80f0e786e0dd40d4c3

  • SHA1

    4a499ee015382cfbb1f71f7479d08f7efd4bcff8

  • SHA256

    cdf45c166420f953a63bc9aff822d5523825b66663bc4743d26f9bb7c607b89d

  • SHA512

    8519cda9cb89f3193f7d1672ca4cfaf1d42180a6c181fa02fbc70356c1e24f0bcc6a6ec7f7fe1828da06dfa3fb5f8b0611d30f82bbd4c305000b2852a6612866

  • SSDEEP

    3072:IYybs82psnF0J50IRjB6tCMTd2hLla4YVjRYjs7Ow9StuPMQ:IYqspsnF0tQYhLlUNa69tk

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.120.131:555

Targets

    • Target

      00c19004ac2efc80f0e786e0dd40d4c3_JaffaCakes118

    • Size

      132KB

    • MD5

      00c19004ac2efc80f0e786e0dd40d4c3

    • SHA1

      4a499ee015382cfbb1f71f7479d08f7efd4bcff8

    • SHA256

      cdf45c166420f953a63bc9aff822d5523825b66663bc4743d26f9bb7c607b89d

    • SHA512

      8519cda9cb89f3193f7d1672ca4cfaf1d42180a6c181fa02fbc70356c1e24f0bcc6a6ec7f7fe1828da06dfa3fb5f8b0611d30f82bbd4c305000b2852a6612866

    • SSDEEP

      3072:IYybs82psnF0J50IRjB6tCMTd2hLla4YVjRYjs7Ow9StuPMQ:IYqspsnF0tQYhLlUNa69tk

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

MITRE ATT&CK Matrix

Tasks