General
-
Target
01aa9c84fdbfa587674fbc86f1cb5ae3_JaffaCakes118
-
Size
66KB
-
Sample
240622-mkfahatgpb
-
MD5
01aa9c84fdbfa587674fbc86f1cb5ae3
-
SHA1
8bc85ac284dc783431fd47a59eb055fe5d8a04e4
-
SHA256
03bef40149b05ad83fd21ce5ad3d57a6dbacf4c1605db8ad0d43911789209ae5
-
SHA512
f99dc50d6d41daa7ba00017b5b4988fde94e96b53694987cd9179dc1d4896b77ea72ae460a125dab4b6a6aa9ca7a5ef527783de5b1cdc73839614cc4a38d4a4e
-
SSDEEP
1536:gQD/Id/RvFLm44cwo6u6APSINKci0OeNll:3gd/1Jmvto6uPPJc0Oyll
Static task
static1
Behavioral task
behavioral1
Sample
01aa9c84fdbfa587674fbc86f1cb5ae3_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
01aa9c84fdbfa587674fbc86f1cb5ae3_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target
01aa9c84fdbfa587674fbc86f1cb5ae3_JaffaCakes118
Score
10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Suspicious use of SetThreadContext
-