General
Target: fe00bff7669498b5844dd116f7f3b75a_JaffaCakes118
Size: 57KB
Sample: 240421-atdrtaeb27
MD5: fe00bff7669498b5844dd116f7f3b75a
SHA1: eabca6f8d0fcba1c214ac6ad9fbc7b3dee39d366
SHA256: 2d72ace2d765c9ff37bd1d1f2370153713beb3ca8e8194db7624bc54f3e32d4a
SHA512: 089fc880dd7b9626340b37cf6ce7b742179c41625362c054eae807585dfc74400689b56e83906bc902330b969cab1960b57acd619c771f03e8c80fc1fb279a7d
SSDEEP: 768:uB5w5TqbKEG843lYw4iPlHVZWmw4iPlHVZWUMwSDwr095qgfkVW9XZxUDMFvDS:W5w5T8L8lB7PL27PLawYOYM6T9X/UDg
Static task: static1
Behavioral task: behavioral1
Sample: fe00bff7669498b5844dd116f7f3b75a_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: fe00bff7669498b5844dd116f7f3b75a_JaffaCakes118.exe
Resource: win10v2004-20240412-en
Malware Config
Extracted: metasploit
Encoder: encoder/call4_dword_xor
Targets
Target: fe00bff7669498b5844dd116f7f3b75a_JaffaCakes118 (57KB)
Score: 10/10
- MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
- Adds policy Run key to start application
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext