Analysis
-
max time kernel
93s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20241007-en -
resource tags
-
submitted
23-12-2024 22:25
General
-
Target
JaffaCakes118_076b94a0b653e5c2d074d2014c6d3f0adf575f22b997e12d3a767aa4fbfac411.exe
-
Size
2.5MB
-
MD5
4c0c3dd4ab8d557729c5bf4d38fa03bd
-
SHA1
d4c1abee2d4dc6bb0bd457a1630c0282ba9c641e
-
SHA256
076b94a0b653e5c2d074d2014c6d3f0adf575f22b997e12d3a767aa4fbfac411
-
SHA512
b1f2854f9a98eabf0dbf5194799a75603d101a1813a0e302697f7bdeb13ea6dd624086a73f2d2aa8d70909be29d968f9d32b8b0725108537573025e85be0ae22
-
SSDEEP
49152:NUadRV4/3dgccsKxJ5nj6GipJGDK0pmy5OqQqkOgz/ZH2SSeJa:SC6gccsK75njbWGDZmmR0ESrA
Score
10/10
Malware Config
Extracted
Family
metasploit
Version
encoder/shikata_ga_nai
Extracted
Family
metasploit
Version
windows/reverse_tcp
C2
192.168.0.153:4444
Signatures
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
UPX packed file 2 IoCs
Detects executables packed with UPX/modified UPX open source packer.
Processes
-
C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_076b94a0b653e5c2d074d2014c6d3f0adf575f22b997e12d3a767aa4fbfac411.exe"C:\Users\Admin\AppData\Local\Temp\JaffaCakes118_076b94a0b653e5c2d074d2014c6d3f0adf575f22b997e12d3a767aa4fbfac411.exe"1⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3.0MB
-
Filesize
3.0MB