General

  • Target

    3a34453430863a99b6d25eb688c54280_JaffaCakes118

  • Size

    37KB

  • MD5

    3a34453430863a99b6d25eb688c54280

  • SHA1

    aae876fa649472fb0e1ca1c23aab35c99e9bbb59

  • SHA256

    6243ea050db3dc8f115a10a2528eedb55a1a3200d4a768a96b4208b51d37dba5

  • SHA512

    c34398f3a649d8efd141017a7b628e60d72aaf08f83da40ec1d161f67840723fb83af93e41cd2d1cbd2ba2ab8d0cfecf18494bafda21b9403ae4f9ac647018db

  • SSDEEP

    768:CVA9LSMnD92rgpUIpiLO7AOcqLTNPk9KpQ6lRZ95x:kk28D6ykbwJPkoph5x

Score
10/10

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

10.5.196.4:4444

Signatures

  • Metasploit family
  • Unsigned PE 1 IoCs

    Checks for missing Authenticode signature.

Files

  • 3a34453430863a99b6d25eb688c54280_JaffaCakes118
    .exe windows:5 windows x86 arch:x86

    2e80c00d68efcf6d11ca6cbbc73bd947

