Overview

overview

10

Static

static

10

e3631a0236...18.exe

windows7-x64

10

e3631a0236...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e3631a0236a5733560bfe19be91385fd_JaffaCakes118

  • Size

    205KB

  • Sample

    240915-z92agstama

  • MD5

    e3631a0236a5733560bfe19be91385fd

  • SHA1

    c6fc0f06db230a150d0830cdd45774ee917953f3

  • SHA256

    4f1a3c3702e6c66a845c3c1a360e0ebbf61cc7f424dcad489a9281471183b9da

  • SHA512

    fe8ef10f0855eff360857ce4f70ca765d788155c2992d7740e79fa89461f40d7e99e80920155c324375a252f30de30a7b3a7debf9cab964e767af63285db9dca

  • SSDEEP

    3072:I1puozpwxjYvidVX5DFfouwsJ7I5TXOIBewoSGlmIqEHYFKEVsMlaoZYJEqwNsc5:I1pnKBV9mTtXOwoSGmpUEiMIieur

Score
10/10
metasploitbackdoordiscoverytrojanupx

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

125.167.90.103:4444

Targets

    • Target

      e3631a0236a5733560bfe19be91385fd_JaffaCakes118

    • Size

      205KB

    • MD5

      e3631a0236a5733560bfe19be91385fd

    • SHA1

      c6fc0f06db230a150d0830cdd45774ee917953f3

    • SHA256

      4f1a3c3702e6c66a845c3c1a360e0ebbf61cc7f424dcad489a9281471183b9da

    • SHA512

      fe8ef10f0855eff360857ce4f70ca765d788155c2992d7740e79fa89461f40d7e99e80920155c324375a252f30de30a7b3a7debf9cab964e767af63285db9dca

    • SSDEEP

      3072:I1puozpwxjYvidVX5DFfouwsJ7I5TXOIBewoSGlmIqEHYFKEVsMlaoZYJEqwNsc5:I1pnKBV9mTtXOwoSGmpUEiMIieur

    Score
    10/10
    metasploitbackdoordiscoverytrojanupx

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks