General

  • Target

    148dfb02a2b7459a8e9f0db1465d1fd1_JaffaCakes118

  • Size

    72KB

  • MD5

    148dfb02a2b7459a8e9f0db1465d1fd1

  • SHA1

    c60339d8d40431613347c86021a305b58a48a89a

  • SHA256

    a554c65dda50e2287fdc2a170901b566b4e03b75bbbb0c7408ca61283b9abe0b

  • SHA512

    d504c95e7566afd1a94cd8ee2a677855d7ff01811da7620db1c3378b6a4442a509cf8a592e19b613dd456c6929228522dd2e6925c23170ba39f20f03e41d761b

  • SSDEEP

    1536:I4yZ5NyNILlROrNH8ipAKSghjU+Mb+KR0Nc8QsJq39:orJAFjjU+e0Nc8QsC9

Score
10/10

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/shell_reverse_tcp

  • C2

    192.168.93.134:4444

Signatures

  • Metasploit family
  • Unsigned PE (1 IoC)

    Checks for missing Authenticode signature.

Files

  • 148dfb02a2b7459a8e9f0db1465d1fd1_JaffaCakes118
    .exe windows:4 windows x86 arch:x86

    481f47bbb2c9c21e108d65f52b04c448

