General
-
Target
08eaadc72b021a9088eaf90acfa34a09_JaffaCakes118
-
Size
202KB
-
Sample
240620-xq8jcashkh
-
MD5
08eaadc72b021a9088eaf90acfa34a09
-
SHA1
0d2d4b6fe74a0c9289bbea402e6049acbddfb767
-
SHA256
e0a2de65b74e82eb898cc69369d27143c9bbfc9b83ab62e2ec0ec4b5cad79bac
-
SHA512
d338dd66e0dc3d6d80a99d27ea890b0e08fed009d452e5410194e31e24b13c9b351009033bbcdaad515c5587f1ca1b23cc8d67f238643d8d893f4b6a4cd25aff
-
SSDEEP
6144:oAMj7UGSaJxF+hzzyymJRJq6muwDGbFZAxNt+:FMXmaJfemJRg6jwapZ
Behavioral task
behavioral1
Sample
08eaadc72b021a9088eaf90acfa34a09_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
08eaadc72b021a9088eaf90acfa34a09_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
08eaadc72b021a9088eaf90acfa34a09_JaffaCakes118
-
Size
202KB
-
MD5
08eaadc72b021a9088eaf90acfa34a09
-
SHA1
0d2d4b6fe74a0c9289bbea402e6049acbddfb767
-
SHA256
e0a2de65b74e82eb898cc69369d27143c9bbfc9b83ab62e2ec0ec4b5cad79bac
-
SHA512
d338dd66e0dc3d6d80a99d27ea890b0e08fed009d452e5410194e31e24b13c9b351009033bbcdaad515c5587f1ca1b23cc8d67f238643d8d893f4b6a4cd25aff
-
SSDEEP
6144:oAMj7UGSaJxF+hzzyymJRJq6muwDGbFZAxNt+:FMXmaJfemJRg6jwapZ
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
ModiLoader, DBatLoader
ModiLoader is a Delphi loader that misuses cloud services to download other malicious families.
-
ModiLoader Second Stage
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-
Suspicious use of SetThreadContext
-