Analysis
max time kernel: 105s
max time network: 100s
platform: windows10-2004_x64
resource: win10v2004-20240802-en
resource tags: arch:x64, arch:x86, image:win10v2004-20240802-en, locale:en-us, os:windows10-2004-x64, system
submitted: 02/10/2024, 22:39
Static task: static1
Behavioral task: behavioral1
Sample: 0cbd8525a3e2715ab24e8dbfdd087340_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 0cbd8525a3e2715ab24e8dbfdd087340_JaffaCakes118.exe
Resource: win10v2004-20240802-en
General
Target: 0cbd8525a3e2715ab24e8dbfdd087340_JaffaCakes118.exe
Size: 37KB
MD5: 0cbd8525a3e2715ab24e8dbfdd087340
SHA1: 6954732b71c0926193f347e04184e17ea87b1d43
SHA256: 6e9d5d596ff505197b937308fa463e9d27f5bcd6e81df383e317673fbd08c3af
SHA512: 3410bc8669c440e439190e8dcf9387185a1b0554a2478f2cbfa41213c4e4faf136533e3dad2f103a819501fcaf71effbe92ea4b540bb879212bcec9fd1f90ee9
SSDEEP: 768:iVATSMdj2drWga/IrMcO7A5cqLTNqMs/ipL6lRZ95x:EVmwORkuwJqMs/i6h5x
Malware Config
Extracted
metasploit
windows/shell_reverse_tcp
192.168.1.111:1233
Signatures
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.
Description: Key opened
IoC: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language
Process: 0cbd8525a3e2715ab24e8dbfdd087340_JaffaCakes118.exe