General

  • Target

    59db341777df8ac64fc4f3769167d806_JaffaCakes118

  • Size

    288KB

  • MD5

    59db341777df8ac64fc4f3769167d806

  • SHA1

    072e682853ecacb67050055918535b215f90e58b

  • SHA256

    c97a3391e2520aebfe4c24c14d3140daa3c098aca416c28fb5e5e19315e41ff4

  • SHA512

    17eecf1bef753b7421003360bf30f4f985c6f74fcc2921eb030e4d7bc94de061a4b1e45f2a123e23631b186d12cddc84618ef991d35b03a226c74a5f632cdb2f

  • SSDEEP

    6144:YGF6FN7BE7WJzktqOlhD0J+wZVJy67cK:aN9vTMYJ+wZVJy6

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

0.0.0.0:443

Signatures

  • Metasploit family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 59db341777df8ac64fc4f3769167d806_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    205fcd40c9562970436b9e64ad20e789

