General
-
Target
f938fc9db448a786e0f335b08d3e49b3_JaffaCakes118
-
Size
5.6MB
-
Sample
240419-b3bt9aeb6z
-
MD5
f938fc9db448a786e0f335b08d3e49b3
-
SHA1
6c43310964cf66c3122673899164022ff25df508
-
SHA256
36f73e1b174faf36802edbb9cb999a566112fc61aada6a393788593048b7a7a3
-
SHA512
44ad069dfb8c9e646c75ba76439e6d15d33d3f548dccb5d5f14e52f545ab196c4c3ba5f46d4c88158b3abc1cc30d59ff5db6467b142ea975171a7894146abb90
-
SSDEEP
98304:aGdUKip5Wn9VvFeHmi/jmANuvqKmGlSuftdcNSWJVMg2YRW+P2KEkUeQ:ldi3WZi7MqKmGwu1yNSWnV2IW5dJ
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Targets
-
-
Target
f938fc9db448a786e0f335b08d3e49b3_JaffaCakes118
-
Size
5.6MB
-
MD5
f938fc9db448a786e0f335b08d3e49b3
-
SHA1
6c43310964cf66c3122673899164022ff25df508
-
SHA256
36f73e1b174faf36802edbb9cb999a566112fc61aada6a393788593048b7a7a3
-
SHA512
44ad069dfb8c9e646c75ba76439e6d15d33d3f548dccb5d5f14e52f545ab196c4c3ba5f46d4c88158b3abc1cc30d59ff5db6467b142ea975171a7894146abb90
-
SSDEEP
98304:aGdUKip5Wn9VvFeHmi/jmANuvqKmGlSuftdcNSWJVMg2YRW+P2KEkUeQ:ldi3WZi7MqKmGwu1yNSWnV2IW5dJ
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Loads dropped DLL
-