General

  • Target

    1c12bc927e7cc6ee67f985f4f116bcc3_JaffaCakes118

  • Size

    92KB

  • Sample

    240701-w8wrtsshmd

  • MD5

    1c12bc927e7cc6ee67f985f4f116bcc3

  • SHA1

    f6bfeb4ccdb494458bf048d5fb02c589b75b54a6

  • SHA256

    2c3bd60999591990a3079093e3d62afb2a42baceaa19051684851836beb13455

  • SHA512

    2406d6982f32f8a8d91bc22b72212e5d16458d4d69ce42a7256cf88f13791624756032fc2320566cc6e6d214a9687e814a2acaafeb0d4d6ae943a3771bfb3f97

  • SSDEEP

    1536:W2RqlUmLhsWw4SPls0cnH1LJiw2dcJjU+oSuHzlQ1geGuRM9jivWguNap5+xyGR+:YU6ua

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/shikata_ga_nai

Extracted

  • Family

    metasploit

  • Version

    windows/shell_reverse_tcp

  • C2

    192.168.99.120:4444

Targets

    • Target

      1c12bc927e7cc6ee67f985f4f116bcc3_JaffaCakes118

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
