General

  • Target

    28e4a70c01b3cb16f438443a7b3e4aaf_JaffaCakes118

  • Size

    144KB

  • Sample

    240706-vcrybsxhqe

  • MD5

    28e4a70c01b3cb16f438443a7b3e4aaf

  • SHA1

    9e37b26b2d102a7341f96acb3f4508fdc7fbb4db

  • SHA256

    ae8bce326829b9ba5b961959ca6885bb5a8c370382d402de788b693d302174d0

  • SHA512

    3f284b125c7407f8fb2f96ac3288dd5a37b78b194dfe2f0d2d8aa2fc1c1a033e033a43b9b3d5bf44ec07b29a860ebc6104017559e6fdb7c61aa665c9494d0a46

  • SSDEEP

    3072:NbRgFCR3/YfuAe0Nc8QsCiPrGSrgv90N0b+W3x7Se6jC1yrC:Nmc3ge0Nc8Qs59rxO+W3x7SLlW

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

38.125.19.7:4444

Targets

    • Target

      28e4a70c01b3cb16f438443a7b3e4aaf_JaffaCakes118

    • Size

      144KB

    • MD5

      28e4a70c01b3cb16f438443a7b3e4aaf

    • SHA1

      9e37b26b2d102a7341f96acb3f4508fdc7fbb4db

    • SHA256

      ae8bce326829b9ba5b961959ca6885bb5a8c370382d402de788b693d302174d0

    • SHA512

      3f284b125c7407f8fb2f96ac3288dd5a37b78b194dfe2f0d2d8aa2fc1c1a033e033a43b9b3d5bf44ec07b29a860ebc6104017559e6fdb7c61aa665c9494d0a46

    • SSDEEP

      3072:NbRgFCR3/YfuAe0Nc8QsCiPrGSrgv90N0b+W3x7Se6jC1yrC:Nmc3ge0Nc8Qs59rxO+W3x7SLlW

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

MITRE ATT&CK Matrix

Tasks