General

  • Target

    291e5c9be3fb7dbb938836cce236b6db_JaffaCakes118

  • Size

    444KB

  • Sample

    240706-wqfb5azhpf

  • MD5

    291e5c9be3fb7dbb938836cce236b6db

  • SHA1

    e2e5d32aa35a08706324c9259700cf3f79e194fd

  • SHA256

    5bacbbd48a3f83b346966b357bb9cc1e12d20bd86148370ad03dfed5b9382d8f

  • SHA512

    fc446ce89fdce08db9c2ee516a522547a848334ce10fa6be4d4b773eca3f0e816fe200d2fce6788b4a99e994635071cd943b7fd5027b1e0cc2d863c7c328d26e

  • SSDEEP

    6144:TWlKhygr9/wGYZ6fsjHqSUbyfLWbT/vWsR631e3GFImaUepGaZmRA7fFnb26Vx6K:T8uI30FqLajg31MWNedgQn6

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.0.104:8080

Targets

    • Target

      291e5c9be3fb7dbb938836cce236b6db_JaffaCakes118

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
