General
-
Target
00f4d85152ef839f7e8f5c153d2a4e59_JaffaCakes118
-
Size
138KB
-
Sample
240622-dclymsthrc
-
MD5
00f4d85152ef839f7e8f5c153d2a4e59
-
SHA1
8fe99a85095e2ab34cac15b07c28fbe91a21dad3
-
SHA256
6ad78559c80fb352b1cb3d86c0a5a81c6f76fddf7be9d4a12c8abac193c3c8bd
-
SHA512
70d01273dace668e0abd946ca2c73769cadc0cd85db7359aecd4f81e13ed682cf849b499c1cebf080e8a691382e2309f84e00a380ed671d3abad928f91b5043e
-
SSDEEP
3072:G8PwA3BkRtMyrvnsHfuB3Bvr/vh76CvrV/4dC8EUHtf1:Ge2VvsibokRRUHt
Static task
static1
Behavioral task
behavioral1
Sample
00f4d85152ef839f7e8f5c153d2a4e59_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
00f4d85152ef839f7e8f5c153d2a4e59_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
metasploit
metasploit_stager
192.168.1.128:3333
Targets
-
-
Target
00f4d85152ef839f7e8f5c153d2a4e59_JaffaCakes118
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Suspicious use of NtCreateThreadExHideFromDebugger
-