General
-
Target
f9fb08ed4f08993119ae5e8b299ea601_JaffaCakes118
-
Size
51KB
-
Sample
240419-k6gz4sde34
-
MD5
f9fb08ed4f08993119ae5e8b299ea601
-
SHA1
a48a9c554e9ae628d93d81d69cc9aa193bedef64
-
SHA256
d4849995e9cf86d8a9bb9b7f87fda789434ac7c4358cf2c1fe99ccbe01af361b
-
SHA512
ebdc8fe0c817049e8a63238ae62b593d412d04559c5d534071602b168d7f9b67e5185473b46022b94bd6472562cc79067501e389c930e56df45d611a455c00be
-
SSDEEP
1536:uI1trRSGvB+c9ukzEF6q0J5mAE1oVW+EDkQI:uWrYyBNo25mAESVWPAd
Static task
static1
Behavioral task
behavioral1
Sample
f9fb08ed4f08993119ae5e8b299ea601_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f9fb08ed4f08993119ae5e8b299ea601_JaffaCakes118.exe
Resource
win10v2004-20240412-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
f9fb08ed4f08993119ae5e8b299ea601_JaffaCakes118
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-