General

  • Target

    29179bfba50e1195ec163151798cc6c2_JaffaCakes118

  • Size

    15KB

  • Sample

    240706-wkpzdazfpa

  • MD5

    29179bfba50e1195ec163151798cc6c2

  • SHA1

    cd4fca181ebc4fbe31ea577845e9f6aed4f9abba

  • SHA256

    582a435659643487ee90d925a908ec454a39c1268904997c0bd6a6baf7950929

  • SHA512

    dc42e3c93e25492d098dfe146f15469b63a938d4f6d53e2bfb1f79407a88694071c669cb0d2bccf5ce1f6665e507fc556f6d67dbd67d4b259aad587ed87ab706

  • SSDEEP

    96:/yPPuW5phc7tpWcUhqlUfP+eDD5CRU/EVW/zSWPTT2B+YSw7b:KPB/cCQW2eDMRU8g7Z7T2P7b

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/call4_dword_xor

Extracted

  • Family

    metasploit

  • Version

    windows/shell_reverse_tcp

  • C2

    192.168.2.223:4444

Targets

    • Target

      29179bfba50e1195ec163151798cc6c2_JaffaCakes118

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
