General
Target: f22571f2ab50cdd6a32779313872d108_JaffaCakes118
Size: 101KB
Sample: 240415-278mwsch6w
MD5: f22571f2ab50cdd6a32779313872d108
SHA1: ddb518c695c27f4dbdf77ca969643843cdc8acbe
SHA256: c2518bd316a8d2bf4d4b2d0c0be72332c2d1734901a604d98d7ee14f83d77b22
SHA512: 3378e7631ef678ec6816c78160df343282342fcd9f5d8a8e732d6c9d34f804431d8d0ea2b3078beaf14a1c026831b76f84eed7928caab86fdd6786e48f4e48c5
SSDEEP: 1536:ozv7zCs4XgrH/iazvGT2luhMAxsjw7sWrt4wk4+jhl:i6Pgzaazve2LKzYWrt4wyV
Behavioral task: behavioral1
Sample: f22571f2ab50cdd6a32779313872d108_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: f22571f2ab50cdd6a32779313872d108_JaffaCakes118.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target: f22571f2ab50cdd6a32779313872d108_JaffaCakes118
Score: 10/10
MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Deletes itself
Executes dropped EXE
Drops file in System32 directory