General

  • Target

    0e5ec449725e6eb86915592946ec9c33_JaffaCakes118

  • Size

    72KB

  • MD5

    0e5ec449725e6eb86915592946ec9c33

  • SHA1

    48263918d281f5d7335c9a6b38b0772fcc44632f

  • SHA256

    d4d7a3eecb268db0c9154f5870bd43bfab976e36595fa61de2b40748865a1903

  • SHA512

    1dabaac8dceef0481415f3063a49a8da3fb22083f936b66bd4e07b1d3df336a60b2ce01a62a188d632da17797b5d25aadc546df21ebc7a66cc7874e4223b3d53

  • SSDEEP

    1536:IZNInCBUtA7+mgkylC1pjF/qIXYRXcJhMb+KR0Nc8QsJq39:moCitA7+amCpqblae0Nc8QsC9

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

172.16.0.76:8888

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 0e5ec449725e6eb86915592946ec9c33_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    481f47bbb2c9c21e108d65f52b04c448

