Analysis
- max time kernel: 119s
- max time network: 121s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
- submitted: 06-07-2024 00:03
Behavioral task
behavioral1
Sample
27382c67138a6549db4ff30d00c628c4_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
27382c67138a6549db4ff30d00c628c4_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
- Target: 27382c67138a6549db4ff30d00c628c4_JaffaCakes118.exe
- Size: 72KB
- MD5: 27382c67138a6549db4ff30d00c628c4
- SHA1: 26be06ff200384448025db24df11a8b5a2132f4f
- SHA256: 0ea0cbaad20bbd1879011331e2edc6ebad04fe12b2a553f533b2605d4dbab612
- SHA512: 0a59a546c23ca3368da30e767f51d8d3f0cc5c3e2727f36529b79fb49d830820eb7bf1f6ed330ae2d3373afb96380b872e9226bc1bae991a6152c3ddb0d9c579
- SSDEEP: 1536:IYMf5ZdMmu4lfB4PTEGlYfW5mMb+KR0Nc8QsJq39:e5huN5l4W5me0Nc8QsC9
Malware Config
Extracted
metasploit
windows/shell_reverse_tcp
63.68.153.160:53
Signatures
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
- Unexpected DNS network traffic destination (1 IoC)
  Network traffic to other servers than the configured DNS servers was detected on the DNS port.
  Destination IP: 63.68.153.160