General
-
Target
b744a22fe1fe174504289f5856d8fd70_JaffaCakes118
-
Size
19.9MB
-
Sample
240617-hkydvsshmn
-
MD5
b744a22fe1fe174504289f5856d8fd70
-
SHA1
347719365a554d31a795554794d82c15ea656ba4
-
SHA256
a5476084f4beed4d510c9dab4a1544dde1c05cc0a88cfd55b316ef097ba2b273
-
SHA512
6398440b39b394a009586ff133776ba6b2f5c18a7ef46a77cd5c9c7ea1899d54c47dc8dc05cb4b85be4420b755e0843a8fb0798a706e3717da42688349c1e767
-
SSDEEP
393216:0p0ACvKSZn6fx86wrSvqMN7TfwEcsRA+SnRITSmfwo+DKmsS2g8kU:KC36fS6wrSBNAARBcRITEo+12N
Static task
static1
Behavioral task
behavioral1
Sample
b744a22fe1fe174504289f5856d8fd70_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
b744a22fe1fe174504289f5856d8fd70_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
metasploit
windows/shell_reverse_tcp
10.0.0.4:5567
Targets
-
Target
b744a22fe1fe174504289f5856d8fd70_JaffaCakes118
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-