General

  • Target

    629b5426581b4b57c0f651b0c924a7df_JaffaCakes118

  • Size

    72KB

  • Sample

    240722-kyd89azbmj

  • MD5

    629b5426581b4b57c0f651b0c924a7df

  • SHA1

    ed95f2ef8c3288ec6ec0708ea16754e9b936d7e6

  • SHA256

    5db43ea7675001dd29b342c611e2f713e78a7faee8bc4e3c2e22460f7b6d3ee0

  • SHA512

    c81fdc285a07f8eef93560942809679536442927578eab30596582f2b42d57414b84e1cb06f288cbe79fd4109927d95d355e38b5f99ba5040be69d663bb5bbef

  • SSDEEP

    1536:IwqLYe/sgH0ZU5merZpHwIMb+KR0Nc8QsJq39:+csH0Crfe0Nc8QsC9

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

172.16.104.130:31337

Targets

    • Target

      629b5426581b4b57c0f651b0c924a7df_JaffaCakes118

    • Size

      72KB

    • MD5

      629b5426581b4b57c0f651b0c924a7df

    • SHA1

      ed95f2ef8c3288ec6ec0708ea16754e9b936d7e6

    • SHA256

      5db43ea7675001dd29b342c611e2f713e78a7faee8bc4e3c2e22460f7b6d3ee0

    • SHA512

      c81fdc285a07f8eef93560942809679536442927578eab30596582f2b42d57414b84e1cb06f288cbe79fd4109927d95d355e38b5f99ba5040be69d663bb5bbef

    • SSDEEP

      1536:IwqLYe/sgH0ZU5merZpHwIMb+KR0Nc8QsJq39:+csH0Crfe0Nc8QsC9

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

MITRE ATT&CK Matrix

Tasks