General

  • Target

    a5d731912377cf37dcc57bec39611985_JaffaCakes118

  • Size

    72KB

  • MD5

    a5d731912377cf37dcc57bec39611985

  • SHA1

    95e311038d16c7f9859d55e2a6413ec183323820

  • SHA256

    668491c3f7f8dfc3a5e9eee9274afcbc32771f44829c6e507797e2e79b1d8eeb

  • SHA512

    5bc9c29689c350c9f60b7714b0bfea3507425fe53160bf9b4b2d1ba9c1678aff353c3eff68af38de1f1a961ff0881c994d2a681c3cac9942945673bd299fe59f

  • SSDEEP

    1536:IOVMc51sgIwzLSPCx6th8b6LcBb7YrMb+KR0Nc8QsJq39:DVMEsgIASPCOCb2cB3Ye0Nc8QsC9

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.178.25:6666

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • a5d731912377cf37dcc57bec39611985_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    481f47bbb2c9c21e108d65f52b04c448

