General
-
Target
ed40279d7f952e316070b71ff3c36f0d_JaffaCakes118
-
Size
37KB
-
Sample
241213-3mygvstjdq
-
MD5
ed40279d7f952e316070b71ff3c36f0d
-
SHA1
97553125a942ed849116337880736d3b89581423
-
SHA256
d2f0f8adf2f50181444457447763a5398e0245a4b37e8ed860bc2b0b2dd9b9c9
-
SHA512
dd4be0ed0b3681ad39f16a0980ed37092edcd665713a9bbab483c525ae803419184ae302a52a2b66486a36f33cbf8a00efd898a180e442d07941230023fcadb2
-
SSDEEP
768:cVATSMlMOt1+5aCxIfmwYirAIwnVONNM5Kq/6lRZ95x:WV4MUu4UxV8NMMRh5x
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
ed40279d7f952e316070b71ff3c36f0d_JaffaCakes118
-
Size
37KB
-
MD5
ed40279d7f952e316070b71ff3c36f0d
-
SHA1
97553125a942ed849116337880736d3b89581423
-
SHA256
d2f0f8adf2f50181444457447763a5398e0245a4b37e8ed860bc2b0b2dd9b9c9
-
SHA512
dd4be0ed0b3681ad39f16a0980ed37092edcd665713a9bbab483c525ae803419184ae302a52a2b66486a36f33cbf8a00efd898a180e442d07941230023fcadb2
-
SSDEEP
768:cVATSMlMOt1+5aCxIfmwYirAIwnVONNM5Kq/6lRZ95x:WV4MUu4UxV8NMMRh5x
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
Unexpected DNS network traffic destination
Network traffic to other servers than the configured DNS servers was detected on the DNS port.
-