General

  • Target

    628140c37acd76fdff6e4468bc7b70e0_JaffaCakes118

  • Size

    13KB

  • MD5

    628140c37acd76fdff6e4468bc7b70e0

  • SHA1

    928f2e134d4aad5f2f9363a2cffa38fa4c625f51

  • SHA256

    086210bdd32ff404de7a3d3b80f32230f8fe59325c0fcb3ca89dd548ff9c00c9

  • SHA512

    b5621e4659573e26233278045254fb6ae51dd27976bb68cd0538311907a18be0ad9fd783cff1c18040b2b553f6c81a1536b770c75b3d192a34fadc9fd71926bf

  • SSDEEP

    96:pa24UDmBVNZ5xmFDxCkFWBqb5zG6d8Ki5:cbTHD5JkFWBaG6d8Ks

Score
10/10

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/shikata_ga_nai

Extracted

  • Family

    metasploit

  • Version

    windows/shell_reverse_tcp

  • C2

    6.6.6.139:4444

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 628140c37acd76fdff6e4468bc7b70e0_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

    9fc2d3b8d1032c25ebeeb29a8f8970c9

