General

  • Target

    2593ff42b56c768f8536507a11502025_JaffaCakes118

  • Size

    47KB

  • Sample

    240704-vea3la1gre

  • MD5

    2593ff42b56c768f8536507a11502025

  • SHA1

    e51ce8c5044b66edb93f59885219ac0fcad7dd9c

  • SHA256

    4875d544c67477251a4fbe59981994f4498c034789aedba740c40581f300838e

  • SHA512

    106cd3fc79d316b02d8ce6e2bc1b62f8bae1bba44eb251e8ec2fdb3f415ccf22d9b2c79b125dd6a47fa662d8883aacde2cee6e98865efa27c4de7298c789dec9

  • SSDEEP

    768:Ido2V9b3b0cyWLD63eLDWyqpM0tKi8J5GB7magTVW+P/h6UES9kq3:IiacW/63Gr35aghZHZESqq3

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.1.4:31337

Targets

    • Target

      2593ff42b56c768f8536507a11502025_JaffaCakes118

    • Size

      47KB

    • MD5

      2593ff42b56c768f8536507a11502025

    • SHA1

      e51ce8c5044b66edb93f59885219ac0fcad7dd9c

    • SHA256

      4875d544c67477251a4fbe59981994f4498c034789aedba740c40581f300838e

    • SHA512

      106cd3fc79d316b02d8ce6e2bc1b62f8bae1bba44eb251e8ec2fdb3f415ccf22d9b2c79b125dd6a47fa662d8883aacde2cee6e98865efa27c4de7298c789dec9

    • SSDEEP

      768:Ido2V9b3b0cyWLD63eLDWyqpM0tKi8J5GB7magTVW+P/h6UES9kq3:IiacW/63Gr35aghZHZESqq3

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks