General
-
Target
8822b510c7a6084e481376ed48e8e074_JaffaCakes118
-
Size
4.1MB
-
Sample
240531-yfph6aba2t
-
MD5
8822b510c7a6084e481376ed48e8e074
-
SHA1
c092ff067deeadd5a1b8d9d67df959b45a6dd389
-
SHA256
551e815844958ea8e208775ebc5fd8e8de97d743e20fe24b63bdbda1414fc98a
-
SHA512
a538e18a0cdda3f2cc37ec702a1833eae1038cb370d1538d911718e1c5a459aaf377e349670ea069295b71b72dc3bf4a0d60fe601c70554bd52e660826e6cb6d
-
SSDEEP
98304:p/IfWQ2qr04vMLOMzHZ/R11zg/e0cJcX2UbCS/2wmrh3yj:cWQ2s04Gj1n1zgngo2ohmW
Static task
static1
Behavioral task
behavioral1
Sample
8822b510c7a6084e481376ed48e8e074_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
8822b510c7a6084e481376ed48e8e074_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
metasploit
metasploit_stager
172.16.4.78:4444
Targets
-
-
Target
8822b510c7a6084e481376ed48e8e074_JaffaCakes118
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-