General

  • Target

    ce19893ed115b427decd7c2cfd715c54_JaffaCakes118

  • Size

    2.7MB

  • MD5

    ce19893ed115b427decd7c2cfd715c54

  • SHA1

    708373bb35d458567d9b05720436e9544be0d4cd

  • SHA256

    c3e3d7ea9a65b061d181569d07482f918ae1ecafee6fbc1f77c82317371f5e86

  • SHA512

    759ae839e38a251034ee02f4afb898fbe0dfe8250cede854ab8aa288c3ebd493dd7f27562ca77503f7ef863dc7619c7ce430c5c4fa06a9368c1e626c98a84389

  • SSDEEP

    49152:SQQz5uQI7PFSEpImSqZOh5r/zB+11GEeRiHP8CumrZyR8d7n:P8S0s+HB+zcFgrMSr

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

10.0.2.15:155

Signatures

  • Metasploit family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • ce19893ed115b427decd7c2cfd715c54_JaffaCakes118
    .exe windows:4 windows x64 arch:x64

