General
-
Target
068b4aef730210460d24ae0490b8006c_JaffaCakes118
-
Size
46KB
-
Sample
240620-q26qka1ane
-
MD5
068b4aef730210460d24ae0490b8006c
-
SHA1
4cd49bae9ba2f42c2149c2ff14c5905227c15d6b
-
SHA256
5bec128209ad6be65fdb39c1a0e2ba795f9879461b2a085e3204f5389083cfbe
-
SHA512
b3830a192d70e295af386044f9d0dcd8df33385ded988e1bb37c7c69ae9270b988f38101cee41c289e37cbad20e02e4e5d0f42fd93336f0c8a8360d28c2af41e
-
SSDEEP
768:Frq01BmfRsNOCKQbBGg6Fsscs9fnghQDgwua7xyZfnA6iyIy0gmTy9bT9:FrqdRoBdD6Z51ng8gwOZ9iyIy0gme
Static task
static1
Behavioral task
behavioral1
Sample
068b4aef730210460d24ae0490b8006c_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
068b4aef730210460d24ae0490b8006c_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target
068b4aef730210460d24ae0490b8006c_JaffaCakes118
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Adds Run key to start application
-