General
Target
e28cf6caa5334019a4999cdc11945206_JaffaCakes118
Size
173KB
Sample
240406-pq1vhaah73
MD5
e28cf6caa5334019a4999cdc11945206
SHA1
e5ffe80f8c7c2272793f61b83c9e7bd1621e31df
SHA256
4afd9f0dde092daeac3f3e6ffb0aee06682b3dba6005d2bd1a914eefd5cc6a30
SHA512
48f348b5a055790dd57f5759b9305a3c4486a1c4f75a757c76f0de76d0b2c2a3d0be0766ba1b6f2d7f2a71acf257cc11b825fee47bb7e37a42467da596b70d19
SSDEEP
3072:Fq4taaCrtdYHrKVHP82Zq0Cx3b810q6Yt7SP:A4UxU+q0U3IPSP
Static task
static1
Behavioral task
behavioral1
Sample
e28cf6caa5334019a4999cdc11945206_JaffaCakes118.dll
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
e28cf6caa5334019a4999cdc11945206_JaffaCakes118.dll
Resource
win10v2004-20240226-en
Malware Config
Extracted
metasploit
windows/download_exec
http://5.34.178.140:80/image-directory/be.jpg
headers
Host: samejd.com
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/47.0.2526.111 Safari/537.36
Targets
Target
e28cf6caa5334019a4999cdc11945206_JaffaCakes118
Score
10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.