General

  • Target

    JaffaCakes118_d30ea163bc964e33301e01ecaeb03fef289e89d6209030e9954151610b861efa

  • Size

    4.4MB

  • Sample

    241225-cr862svkhn

  • MD5

    66ce6c5ebd48aeb4a52593f5c5736433

  • SHA1

    75823676fbb3500540a45701f1a532e597556a63

  • SHA256

    d30ea163bc964e33301e01ecaeb03fef289e89d6209030e9954151610b861efa

  • SHA512

    ba6b549729cd0b27998382c5bbe8d03437cfc1e9b3f20bd126946598f197eb6687cf1ca9aa72982af0bbf47ca0af7b07004eef2819b1a1020e279a3b30677c1d

  • SSDEEP

    98304:VTob8QH57XzQ0W/F92bARPxCzl1XTS8Li1EoYYRQN36V4FJYzLr/f+MXVmP:2bBlXsj/F9IKcR1EeYRw6CbYzGMFmP

Malware Config

Extracted

Family

metasploit

Version

windows/single_exec

Targets

    • Target

      JaffaCakes118_d30ea163bc964e33301e01ecaeb03fef289e89d6209030e9954151610b861efa

    • Size

      4.4MB

    • MD5

      66ce6c5ebd48aeb4a52593f5c5736433

    • SHA1

      75823676fbb3500540a45701f1a532e597556a63

    • SHA256

      d30ea163bc964e33301e01ecaeb03fef289e89d6209030e9954151610b861efa

    • SHA512

      ba6b549729cd0b27998382c5bbe8d03437cfc1e9b3f20bd126946598f197eb6687cf1ca9aa72982af0bbf47ca0af7b07004eef2819b1a1020e279a3b30677c1d

    • SSDEEP

      98304:VTob8QH57XzQ0W/F92bARPxCzl1XTS8Li1EoYYRQN36V4FJYzLr/f+MXVmP:2bBlXsj/F9IKcR1EeYRw6CbYzGMFmP

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

    • Glupteba family

    • Glupteba payload

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Metasploit family

MITRE ATT&CK Enterprise v15

Tasks