General

  • Target

    62875631a5933e116a85818542605a74_JaffaCakes118

  • Size

    72KB

  • Sample

    240722-khdb1sydkn

  • MD5

    62875631a5933e116a85818542605a74

  • SHA1

    6135bec708c524a366a20658099da125fc3020d2

  • SHA256

    2e2d487736d8a896cc46c2408b56f3d72c1d01a0284906b57059af20917a6d60

  • SHA512

    4b1014e86d8df4019de41cf6b04193f16d105e955e2e8eeb337fbe89f0b838dc67dd4c4f4de6ce4a54f83c2c573a4ea27bac7ea2de800ec9977417a49d784f4d

  • SSDEEP

    1536:IcFqns8biaW2PitCfEqZCYCsakw9C410Mb+KR0Nc8QsJq39:RQnssytl2Ob6e0Nc8QsC9

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.1.100:4444

Targets

    • Target

      62875631a5933e116a85818542605a74_JaffaCakes118

    • Size

      72KB

    • MD5

      62875631a5933e116a85818542605a74

    • SHA1

      6135bec708c524a366a20658099da125fc3020d2

    • SHA256

      2e2d487736d8a896cc46c2408b56f3d72c1d01a0284906b57059af20917a6d60

    • SHA512

      4b1014e86d8df4019de41cf6b04193f16d105e955e2e8eeb337fbe89f0b838dc67dd4c4f4de6ce4a54f83c2c573a4ea27bac7ea2de800ec9977417a49d784f4d

    • SSDEEP

      1536:IcFqns8biaW2PitCfEqZCYCsakw9C410Mb+KR0Nc8QsJq39:RQnssytl2Ob6e0Nc8QsC9

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

MITRE ATT&CK Matrix

Tasks