General

  • Target

    873bd8bcf623adf232d27608e84f5d71_JaffaCakes118

  • Size

    72KB

  • MD5

    873bd8bcf623adf232d27608e84f5d71

  • SHA1

    ae4c661fce24f10caad41923ad3e3cddb0d432e8

  • SHA256

    82344dfa377f5ab6c5fb8a15d61794b0e79d7eefd36fb7071d8d472545b25153

  • SHA512

    b96a90e5fe945a229179f459a16359f13b39c4f616b06a62918ffd95e079517c09cb2ab0f1b929c3b65322adf9526299eb71dbefe73fa0934bc9a220177645f7

  • SSDEEP

    1536:IVV11KMLupJDqjbTwRLC/umjeMb+KR0Nc8Qs:sV14HybkIue0Nc8Qs

Score
10/10

Malware Config

Extracted

  • Family: metasploit
  • Version: encoder/shikata_ga_nai

Extracted

  • Family: metasploit
  • Version: windows/shell_reverse_tcp
  • C2: 10.1.10.31:4444

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 873bd8bcf623adf232d27608e84f5d71_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    481f47bbb2c9c21e108d65f52b04c448

