General
-
Target
0115104a9d002f584068b8d0855d3cec_JaffaCakes118
-
Size
46KB
-
Sample
240622-d3lqkawcld
-
MD5
0115104a9d002f584068b8d0855d3cec
-
SHA1
2ce8c40b027d6a7d347e4fa3a89c90459a28efc6
-
SHA256
c72bb3de03c05eaf2edf3a8ba92ec7cb5779b8af050a7e945b942c61c1f56f05
-
SHA512
b43cbd4b6e37942b931733788ef450afef68c7988d79c17a945196088ff891b625dd60cffcd8b9865169a2cfa80c939de9e22165079a47b5cb9a064149f8e18d
-
SSDEEP
768:CXaCzMbYGQvFm3wVok8gqpO6iVIHa/zy8POPo1lwU4DeF80yZ:CXagMBkKhjqIHcWQPwUi10yZ
Static task
static1
Behavioral task
behavioral1
Sample
0115104a9d002f584068b8d0855d3cec_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
0115104a9d002f584068b8d0855d3cec_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
0115104a9d002f584068b8d0855d3cec_JaffaCakes118
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Adds Run key to start application
-