General
Target: 09242c9ee4b66dc51fa6c40bf1b7776b_JaffaCakes118
Size: 1.9MB
Sample: 240620-yazf6sybpr
MD5: 09242c9ee4b66dc51fa6c40bf1b7776b
SHA1: 0809ca376976c06b8ccd23759b694a9b9ccd5aae
SHA256: 35469fb62284fd41d8a9771042a11b9700620c4b9466f51d5a065653039064f9
SHA512: 66d0bf07675a8b268458677c756c3a0a837d4d490c766e55e7a438515cbbf38a600d46a37bcffb85d7a1d4bd61b871c744e6120f4bf6483d4c2628393448c852
SSDEEP: 49152:HuH31ej4BZ9PpYY2+E4lorhtEC80ZOOGEyAX3RrTrEtJb5M4:W1Ff9BYo2tt/80UOG+3RrnO
Behavioral task: behavioral1
Sample: 09242c9ee4b66dc51fa6c40bf1b7776b_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 09242c9ee4b66dc51fa6c40bf1b7776b_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
Target: 09242c9ee4b66dc51fa6c40bf1b7776b_JaffaCakes118
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory