General

  • Target

    f9e447f53762ed3850cdbd947339006e_JaffaCakes118

  • Size

    68KB

  • MD5

    f9e447f53762ed3850cdbd947339006e

  • SHA1

    1ee36f6ee75f3020b1e9e99be49ee523eef772ef

  • SHA256

    f249678a970d9d4dd8d590e76030ef162f0ed2f13057620328c941c33d9c3a7b

  • SHA512

    44c2ba845c4f3c87cd1d8b868dabf9dbc54e3b970493c837e7ff641114fb8224c5e40f12bdbd6f08bc8af51f01abf53c0aaa84e9e8643e6737ed8130959179f9

  • SSDEEP

    1536:snbrsZb/mA+H6LkI06JUEbooPRrKKR8fWJ:8brspd4I06JltZrpR8f+

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.211.135:7890

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • f9e447f53762ed3850cdbd947339006e_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

    419c3fe8c1eefea9336b96f74f0951dd

