General
-
Target
f5c996dea16972ed0adc764a919eb546_JaffaCakes118
-
Size
65KB
-
Sample
240417-pvhjqafc82
-
MD5
f5c996dea16972ed0adc764a919eb546
-
SHA1
4ac02ffec612538e7f0f8ea3454070d395846fcd
-
SHA256
e80114bfdb827695374891a6f8f1b6a0915040545815656090fdbbaf1b1df47c
-
SHA512
ca928882b0553fb12299872e7112736b2bcc538e291d2c80f68b335763ba1e4b3c2d6a915039a576bfdbc2ed5922f011a7afe2398fda9d2e28c9d9b47560eb9d
-
SSDEEP
1536:mR3dGGAtZ+HHWahiXYG75IS0b8+CV7nO:IdG3sHGXD5t0b8+CxO
Behavioral task
behavioral1
Sample
f5c996dea16972ed0adc764a919eb546_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f5c996dea16972ed0adc764a919eb546_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
f5c996dea16972ed0adc764a919eb546_JaffaCakes118
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Adds Run key to start application
-