General

  • Target

    08077caa8ee22971ce36226a4a55ba46_JaffaCakes118

  • Size

    99KB

  • Sample

    240620-vk55xsyara

  • MD5

    08077caa8ee22971ce36226a4a55ba46

  • SHA1

    b8b96ebe27a9cce6a5f32e640b1e16ffdb00de87

  • SHA256

    c9ad504e5f809d0f561213300f52a3e89c21d88fffa24b15c4e08ce21d1f3820

  • SHA512

    62f77af8c5e65ffdc832f8da2aca38242a84af4e79073be972d861f197d655a58d105662c2442cbbb192686724b9f22bc55d0614fa0d71b71a4f5a9af0b0a543

  • SSDEEP

    3072:6gE8r/MeWOEk6F1krkQ9HnzEuui77777777777777777V:PE871KkVgA

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with the UPX open-source packer or a modified variant of it.

    • Drops file in System32 directory
