General
-
Target
fc6bcd2d90675df3765fadb40c322c2c_JaffaCakes118
-
Size
15KB
-
Sample
240420-k8f6ladc56
-
MD5
fc6bcd2d90675df3765fadb40c322c2c
-
SHA1
26f512df0afb819c8998a1a689c8d4714a825ff0
-
SHA256
ff46c12456ecb9d60a0e3a3f1504d800471dc06c002287f36e41e03ad7d7ac70
-
SHA512
b2569f7a6c5997d6222be3468aec53c8a4951e4648d5ceb25d70996fe33faf3d2a8ca8c490159764517e5d85f9aac09a048e3589566688e1e5ea1487a426196e
-
SSDEEP
192:I8PW8guKnghi2BR8k5PF+nbGG2dqsF7cXlNIFHWMzzwBTjfcor5lzsIWrXOLVWU4:JW84nglBRBl6bG584HUFLcWZs7C9RTS
Static task
static1
Behavioral task
behavioral1
Sample
fc6bcd2d90675df3765fadb40c322c2c_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
fc6bcd2d90675df3765fadb40c322c2c_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
metasploit
windows/reverse_tcp_dns
mclean-43290.portmap.host:60886
Targets
-
-
Target
fc6bcd2d90675df3765fadb40c322c2c_JaffaCakes118
-
Size
15KB
-
MD5
fc6bcd2d90675df3765fadb40c322c2c
-
SHA1
26f512df0afb819c8998a1a689c8d4714a825ff0
-
SHA256
ff46c12456ecb9d60a0e3a3f1504d800471dc06c002287f36e41e03ad7d7ac70
-
SHA512
b2569f7a6c5997d6222be3468aec53c8a4951e4648d5ceb25d70996fe33faf3d2a8ca8c490159764517e5d85f9aac09a048e3589566688e1e5ea1487a426196e
-
SSDEEP
192:I8PW8guKnghi2BR8k5PF+nbGG2dqsF7cXlNIFHWMzzwBTjfcor5lzsIWrXOLVWU4:JW84nglBRBl6bG584HUFLcWZs7C9RTS
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-