General
Target: 06c9b17a98b700df01617f69191069bf_JaffaCakes118
Size: 391KB
Sample: 240620-rp6epssbla
MD5: 06c9b17a98b700df01617f69191069bf
SHA1: 708d0ee9807a9972c1eebce71f5ff60da98e1f88
SHA256: 797db1d9d9208bb7973c98665b4574c6176a6c0eb93cf89e2c0efd081268f76a
SHA512: e5d3aab9c45e5a13c2b04b93245cfae06b8f13595bd37d05203b627f593ae39f59b0097af31b1327b2994aac2da482189b0b07a43a5f415a043afe1627baf5b7
SSDEEP: 12288:/43GR0a1dTdxGmnOorhqGgaebLi7n6DxG9:VDdTH79hoaD76Dk
Behavioral task: behavioral1
Sample: 06c9b17a98b700df01617f69191069bf_JaffaCakes118.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 06c9b17a98b700df01617f69191069bf_JaffaCakes118.exe
Resource: win10v2004-20240611-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target: 06c9b17a98b700df01617f69191069bf_JaffaCakes118
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory