General
-
Target
f99b3b75f86bb6e275b7500fefe178ef_JaffaCakes118
-
Size
228KB
-
Sample
240419-f7pn5aba8w
-
MD5
f99b3b75f86bb6e275b7500fefe178ef
-
SHA1
b31f72450b435373e6a1d2d77092d0cc33d7580a
-
SHA256
81891f4658e178e464c7f5eb6e0fe3941bbee6b5516ce07286e94d73ab42e99a
-
SHA512
3441cf5b34e52cef448a4b0b06cb1cac58de26ce4ed7bea8c93d5bd5f1090e150c86d400dcbda0dda51468592388e6ae4531e5d519ed3e779724d40caba6c58c
-
SSDEEP
3072:bsu3qM4wU4qOC1eljl+G4OKHfdOAfRw3y1hdlUVaZb2N9RUN1tCeTb:VqM4DfWjl+VpHfdOShr4a92DGN1Db
Static task
static1
Behavioral task
behavioral1
Sample
f99b3b75f86bb6e275b7500fefe178ef_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f99b3b75f86bb6e275b7500fefe178ef_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
-
-
Target
f99b3b75f86bb6e275b7500fefe178ef_JaffaCakes118
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-