General
-
Target
JaffaCakes118_6323a45896bd788fb255163b81f4b768
-
Size
312KB
-
Sample
250102-gx397sxlcv
-
MD5
6323a45896bd788fb255163b81f4b768
-
SHA1
5b704b92cc97ebf37183b2f796d4ee2ebe58b282
-
SHA256
0ddb70ec9de23f3c234ee16c0b1bc8ed37b87a6f86e71d26ddecefe360212caf
-
SHA512
36005ac936a2a8574280ebef08392c73c387920ba53367c7c846abae9bc8991794f1a5c349221ec3e9034d7bc71854c7ee0631e771f3010b08a65f2af441635f
-
SSDEEP
6144:KqLzGyzpKalLBQmBy6CvR97TLIktfMVQ3bte7n9EX6WCTO7wHPFJbK:JphltQX9IKLt89EX6WOFJ
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Extracted
metasploit
windows/shell_reverse_tcp
0.0.0.0:443
Targets
-
-
Target
JaffaCakes118_6323a45896bd788fb255163b81f4b768
-
Size
312KB
-
MD5
6323a45896bd788fb255163b81f4b768
-
SHA1
5b704b92cc97ebf37183b2f796d4ee2ebe58b282
-
SHA256
0ddb70ec9de23f3c234ee16c0b1bc8ed37b87a6f86e71d26ddecefe360212caf
-
SHA512
36005ac936a2a8574280ebef08392c73c387920ba53367c7c846abae9bc8991794f1a5c349221ec3e9034d7bc71854c7ee0631e771f3010b08a65f2af441635f
-
SSDEEP
6144:KqLzGyzpKalLBQmBy6CvR97TLIktfMVQ3bte7n9EX6WCTO7wHPFJbK:JphltQX9IKLt89EX6WOFJ
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
Executes dropped EXE
-
Loads dropped DLL
-
Suspicious use of SetThreadContext
-
UPX packed file
Detects executables packed with UPX/modified UPX open source packer.
-