General
Target: 081ba9f494c1ed107544756bed278152_JaffaCakes118
Size: 57KB
Sample: 240620-vrexbasgqm
MD5: 081ba9f494c1ed107544756bed278152
SHA1: b671aaf0c11aef5791096c82ca0fbdb600ffae07
SHA256: 8359b84ea0cbc6d838d25db230cf5fbd73db8fc7958e75eff8903df27b7f5dd5
SHA512: 41a43231afa921a9cf979660defc56c9808d55e9286eb325ef50cb883a79b8e5e03dffaf942bb31b844632831a950f5f53a7dfa213679e0db0dab4c981f0893a
SSDEEP: 1536:cupr/iX5BFIdTc12UoNLEDan8/xv4ptzaR/:Jr/iX5w1c1DDGqStw/
Static task: static1
Behavioral task: behavioral1
Sample: 081ba9f494c1ed107544756bed278152_JaffaCakes118.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: 081ba9f494c1ed107544756bed278152_JaffaCakes118.exe
Resource: win10v2004-20240611-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
Score: 10/10
MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Deletes itself
Executes dropped EXE
Loads dropped DLL
Adds Run key to start application