General
Target: 1b2ed889908f29793690d904db080e70_JaffaCakes118
Size: 72KB
Sample: 240701-nzjrxazdne
MD5: 1b2ed889908f29793690d904db080e70
SHA1: 2693f12b4186354c8c7f0d03cb0cbf3d94bc7b4b
SHA256: c20a98bf480b2fa31015f642e9c43d27554029add11bd1a9a3e3439f128ba3e5
SHA512: 7ba9d7ddbc3d3425df7230aa84425e55adf0963da18ae5e448cb3a03b3d9c4fa733edd27e6e0e541d3fe4a1297a62d1544db61a55f1568aa1c902e49acfa9e4c
SSDEEP: 1536:IIsGyMNxrSeFd36IwUaqjRv8dKMb+KR0Nc8QsJq39:lRrSeFB6ItjRv8dKe0Nc8QsC9
Behavioral task: behavioral1
Sample: 1b2ed889908f29793690d904db080e70_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 1b2ed889908f29793690d904db080e70_JaffaCakes118.exe
Resource: win10v2004-20240611-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Extracted
metasploit
windows/download_exec
http://192.168.1.23:8443/Aa3Kt
Extracted
metasploit
encoder/shikata_ga_nai
Targets
Target: 1b2ed889908f29793690d904db080e70_JaffaCakes118
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.