General
-
Target
0008d6d7ea0571daf5b451985095b9ca_JaffaCakes118
-
Size
1.2MB
-
Sample
240619-xgw4yswhnd
-
MD5
0008d6d7ea0571daf5b451985095b9ca
-
SHA1
e6049ce2a34a0197e3eb60317db4c89ad8d6d40e
-
SHA256
a259e50b3a0ab5abd711455cbcec62c0bfbcbda112a7cad719466dc494e285f5
-
SHA512
af0611cc26796c11466f9d67d9e269c247532fbbf708922708bf1eb8e1628bd33b85af702796031f4d64844888b3a2f9239d3e932813239c2aea482ddff4a21d
-
SSDEEP
3072:AjodC9zXKsmIgJ2sRwPPShW/Y4BKdSuZaszu42gP959w+Z+OlmNREHfRDc5y:codE6nwyhw/tK4/N4Z+xr5
Static task
static1
Behavioral task
behavioral1
Sample
0008d6d7ea0571daf5b451985095b9ca_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
0008d6d7ea0571daf5b451985095b9ca_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
-
-
Target
0008d6d7ea0571daf5b451985095b9ca_JaffaCakes118
-
Size
1.2MB
-
MD5
0008d6d7ea0571daf5b451985095b9ca
-
SHA1
e6049ce2a34a0197e3eb60317db4c89ad8d6d40e
-
SHA256
a259e50b3a0ab5abd711455cbcec62c0bfbcbda112a7cad719466dc494e285f5
-
SHA512
af0611cc26796c11466f9d67d9e269c247532fbbf708922708bf1eb8e1628bd33b85af702796031f4d64844888b3a2f9239d3e932813239c2aea482ddff4a21d
-
SSDEEP
3072:AjodC9zXKsmIgJ2sRwPPShW/Y4BKdSuZaszu42gP959w+Z+OlmNREHfRDc5y:codE6nwyhw/tK4/N4Z+xr5
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Modifies security service
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-