General
-
Target
495bcf192b3dae922860d12930895d4e_JaffaCakes118
-
Size
400KB
-
Sample
240516-elca8sbb7v
-
MD5
495bcf192b3dae922860d12930895d4e
-
SHA1
238114adc53bc8b558228923fb9be157bd73a516
-
SHA256
84ca876bbd78325680eb98498b1bd85786bd140b53650a00e2d87213920e057f
-
SHA512
b391e4d29e27042b941632536a4b6b2bcf018f63460bce6fcc850ba19bc1d804a4cfa9ef8724406b0738214bb90845f697a81955864a6b30291682e56b3ca748
-
SSDEEP
6144:yjxJbwaxzExxnpifB2FccqNHlabtRFA1gQj/+zMtm61F:yjxNwaxIxIGccqNH6tnA1gQj/h
Behavioral task
behavioral1
Sample
495bcf192b3dae922860d12930895d4e_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
495bcf192b3dae922860d12930895d4e_JaffaCakes118.exe
Resource
win10v2004-20240426-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
Target
495bcf192b3dae922860d12930895d4e_JaffaCakes118
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-