Analysis
max time kernel: 122s
max time network: 123s
platform: windows7_x64
resource: win7-20231129-en
resource tags: arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
submitted: 29-05-2024 13:48
Behavioral task: behavioral1
Sample: 80f37ffad07bc832be18235fecf29a43_JaffaCakes118.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 80f37ffad07bc832be18235fecf29a43_JaffaCakes118.exe
Resource: win10v2004-20240508-en
General
Target: 80f37ffad07bc832be18235fecf29a43_JaffaCakes118.exe
Size: 503KB
MD5: 80f37ffad07bc832be18235fecf29a43
SHA1: bd9711c3afd96b55a4d766541e2e5e22a4bd1d11
SHA256: 315c695e59a7b90e6464a2d8702de430b9ac8aadf28e9b78d8580727fa4afd70
SHA512: 0295e52bc9fabc3c23b7eacdecff7da33618524c2e2fe0b62b8c872fb07e02071006e8aa20ec20ca9294812678de4512d8fcdffd968dfcbe1170d524084e47f9
SSDEEP: 6144:PBJBbIOkgKzCe9dMVHsGLULRTXFewKFWTyMTkiYCw+VSvGFal+412cicnoACqzMF:5JBMOkce9dgHs+UTVhdK12ciOs60V
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Signatures
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
Processes:
80f37ffad07bc832be18235fecf29a43_JaffaCakes118.exe
pid: 3040, process: 80f37ffad07bc832be18235fecf29a43_JaffaCakes118.exe