General
-
Target
08452d3d1decdcb90b1ff1191ac91917_JaffaCakes118
-
Size
93KB
-
Sample
240620-v4x9esyhqh
-
MD5
08452d3d1decdcb90b1ff1191ac91917
-
SHA1
40b477b947d2bfd7b7d1a727c5b0d0851c4036c8
-
SHA256
fe0aa0ba7eb9fcbd0eedb154a73732a4e914dd64bc6d3a3d0fbad069f349a7f0
-
SHA512
95109b3ff7b13fabafe4177ebdd7c7311b615e22b86d9c1b1f92fb83d47d7fd1d9c76a228e7a4817e4a3d3c54180bec7b43a66c12ce0cc7da9ea9a3eb12d677e
-
SSDEEP
1536:xfIuZe3y17vBuq6et/nbfutnrivkqpiUjPgAWwC+dBYSjNhtbKR/dON:hbZQ87lbm9rOLDIf+XYs/lK
Behavioral task
behavioral1
Sample
08452d3d1decdcb90b1ff1191ac91917_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
08452d3d1decdcb90b1ff1191ac91917_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
-
Target
08452d3d1decdcb90b1ff1191ac91917_JaffaCakes118
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Drops file in System32 directory
-