General
-
Target
fe14ab6cdb298b93420e2a6b295134fa_JaffaCakes118
-
Size
400KB
-
Sample
240421-bkjr5sfa56
-
MD5
fe14ab6cdb298b93420e2a6b295134fa
-
SHA1
7f9eb898131984e7227f492e22a6e447f5c688ff
-
SHA256
32e0aa84467fbe642c7ffc3b0096828c6c93937b8fe3cf95c4f0fe232c896e4f
-
SHA512
55be76409d535efe0744a86bcd81e869f8b6ce62b98b11dff9d75095546e68bb1aeb1402efa1f44297d6f1cd7b1971cd1cbd0a904672d2e2a170d0c671b2ba9d
-
SSDEEP
6144:nvx8ABHjygIViQLfxSuhdTvFlvlgs4Oh9sSQj9FzMLm61h7UX:np8ABHjyg6iQtLTvFlvn4S9sSQj966X
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
-
-
Target
fe14ab6cdb298b93420e2a6b295134fa_JaffaCakes118
-
Size
400KB
-
MD5
fe14ab6cdb298b93420e2a6b295134fa
-
SHA1
7f9eb898131984e7227f492e22a6e447f5c688ff
-
SHA256
32e0aa84467fbe642c7ffc3b0096828c6c93937b8fe3cf95c4f0fe232c896e4f
-
SHA512
55be76409d535efe0744a86bcd81e869f8b6ce62b98b11dff9d75095546e68bb1aeb1402efa1f44297d6f1cd7b1971cd1cbd0a904672d2e2a170d0c671b2ba9d
-
SSDEEP
6144:nvx8ABHjygIViQLfxSuhdTvFlvlgs4Oh9sSQj9FzMLm61h7UX:np8ABHjyg6iQtLTvFlvn4S9sSQj966X
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-