General
-
Target
ff96bb98be4f75d80372bdbe8614e84c_JaffaCakes118
-
Size
114KB
-
Sample
240421-st4x4sef2w
-
MD5
ff96bb98be4f75d80372bdbe8614e84c
-
SHA1
09ed36f766d06aeaa135e51a6ab3a29a5623bef8
-
SHA256
3f9b3a74099b9f88ac806ca2bb97c3e297ed9bc315afc6d30dd30b899afcffb7
-
SHA512
57306c43df1e563d1586d72086e6d3c9cbaac11a1fdebc85b1efbceebece76c750d238b2ad41deb5a9ac638920f106ac9658cd86b2d877a7054636c9a8f9ee30
-
SSDEEP
3072:21TJclJKhzmEDx3gX28giLs/Y8jePZ2K553:2tylJKm2qDVLsTe553
Static task
static1
Behavioral task
behavioral1
Sample
ff96bb98be4f75d80372bdbe8614e84c_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
ff96bb98be4f75d80372bdbe8614e84c_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
-
-
Target
ff96bb98be4f75d80372bdbe8614e84c_JaffaCakes118
-
Size
114KB
-
MD5
ff96bb98be4f75d80372bdbe8614e84c
-
SHA1
09ed36f766d06aeaa135e51a6ab3a29a5623bef8
-
SHA256
3f9b3a74099b9f88ac806ca2bb97c3e297ed9bc315afc6d30dd30b899afcffb7
-
SHA512
57306c43df1e563d1586d72086e6d3c9cbaac11a1fdebc85b1efbceebece76c750d238b2ad41deb5a9ac638920f106ac9658cd86b2d877a7054636c9a8f9ee30
-
SSDEEP
3072:21TJclJKhzmEDx3gX28giLs/Y8jePZ2K553:2tylJKm2qDVLsTe553
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-