General
-
Target
f38eb87defd745e84caf86544431588b_JaffaCakes118
-
Size
279KB
-
Sample
240416-qcs36scd91
-
MD5
f38eb87defd745e84caf86544431588b
-
SHA1
3043a43459191b73bcd666bb87cd0397f1ecfa1b
-
SHA256
2fbeb5f59042c9e15f89ec882022545d98d1421afcb2f84c165bdf385cc5cb5f
-
SHA512
b8d5080f2a86b9e518def1e42ccfc020dcdfee1e73e0230df3c4efb0089ae710a2a3a3d096ae024f2198f9d6fc7be87806cc82a0b376485bf5042940e78cb905
-
SSDEEP
6144:Xep1D2k+GBYw9Ui92YrjwinRHy1BGQCIzb:Xep1cGWZk2KjXndy1BR
Static task
static1
Behavioral task
behavioral1
Sample
f38eb87defd745e84caf86544431588b_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f38eb87defd745e84caf86544431588b_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
metasploit
windows/download_exec
http://101.99.90.100:443/jquery-3.3.1.slim.min.js
Targets
-
Target
f38eb87defd745e84caf86544431588b_JaffaCakes118
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Suspicious use of SetThreadContext
-