General

  • Target

    01aa9c84fdbfa587674fbc86f1cb5ae3_JaffaCakes118

  • Size

    66KB

  • Sample

    240622-mkfahatgpb

  • MD5

    01aa9c84fdbfa587674fbc86f1cb5ae3

  • SHA1

    8bc85ac284dc783431fd47a59eb055fe5d8a04e4

  • SHA256

    03bef40149b05ad83fd21ce5ad3d57a6dbacf4c1605db8ad0d43911789209ae5

  • SHA512

    f99dc50d6d41daa7ba00017b5b4988fde94e96b53694987cd9179dc1d4896b77ea72ae460a125dab4b6a6aa9ca7a5ef527783de5b1cdc73839614cc4a38d4a4e

  • SSDEEP

    1536:gQD/Id/RvFLm44cwo6u6APSINKci0OeNll:3gd/1Jmvto6uPPJc0Oyll

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor (Metasploit's x86 "Call+4 Dword XOR" encoder; the field names the encoder the payload was wrapped with, not a framework release)
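The encoder named in the config is a fixed-key scheme: a small x86 stub recovers its own address with `call $+4`, then XORs the payload one dword at a time with a single 32-bit key embedded in the stub, looping `ecx` times. The script below is an added example, not code from the report or from the sample on this page; it reproduces that scheme on a constructed stand-in payload and shows how an analyst recovers the key and body from the stub bytes. The stub byte layout is assumed from the Metasploit encoder module, and the counter setup (`xor ecx,ecx ; sub ecx,-n`) is one of the forms the framework emits.

```python
import struct

# Opcode bytes of the x86 call4_dword_xor decoder stub as shipped with Metasploit
# (assumed from the framework's encoder module, not taken from the sample on this page).
CALL4      = b"\xe8\xff\xff\xff\xff\xc0\x5e"  # call $+4 ; ff c0 = inc eax ; pop esi
XOR_ESI_0E = b"\x81\x76\x0e"                  # xor dword [esi+0x0e], imm32 (imm32 = key)
SUB_LOOP   = b"\x83\xee\xfc\xe2\xf4"          # sub esi,-4 ; loop back to the xor


def _xor_dwords(data: bytes, key: int) -> bytes:
    """XOR every little-endian dword of data with the same 32-bit key."""
    return b"".join(
        struct.pack("<I", struct.unpack("<I", data[i:i + 4])[0] ^ key)
        for i in range(0, len(data), 4)
    )


def encode(payload: bytes, key: int) -> bytes:
    """Wrap payload the way the encoder does: pad to a dword boundary, load ecx
    with the dword count ('xor ecx,ecx ; sub ecx,-n'), emit the stub with the
    key embedded, then the body XORed dword-by-dword with that fixed key."""
    padded = payload + b"\x00" * (-len(payload) % 4)
    n = len(padded) // 4
    if n <= 128:
        counter = b"\x31\xc9\x83\xe9" + struct.pack("<b", -n)  # sub ecx, imm8
    else:
        counter = b"\x31\xc9\x81\xe9" + struct.pack("<i", -n)  # sub ecx, imm32
    return (counter + CALL4 + XOR_ESI_0E + struct.pack("<I", key)
            + SUB_LOOP + _xor_dwords(padded, key))


def decode(blob: bytes) -> tuple[int, bytes]:
    """Find the stub, pull the key out of the xor instruction and the dword
    count out of the ecx setup, and return (key, decoded body). Only the dwords
    the loop would touch are decoded; anything after them is left alone."""
    at = blob.find(CALL4)
    if at < 0:
        raise ValueError("call4 stub not found")
    if at >= 3 and blob[at - 3:at - 1] == b"\x83\xe9":        # sub ecx, imm8
        n = -struct.unpack("<b", blob[at - 1:at])[0]
    elif at >= 6 and blob[at - 6:at - 4] == b"\x81\xe9":      # sub ecx, imm32
        n = -struct.unpack("<i", blob[at - 4:at])[0]
    else:
        raise ValueError("unrecognised ecx setup before the call")
    x = at + len(CALL4)
    if blob[x:x + 3] != XOR_ESI_0E or blob[x + 7:x + 12] != SUB_LOOP:
        raise ValueError("unexpected decoder body")
    key = struct.unpack("<I", blob[x + 3:x + 7])[0]
    body = blob[x + 12:x + 12 + 4 * n]
    if len(body) != 4 * n:
        raise ValueError("blob shorter than the loop count implies")
    return key, _xor_dwords(body, key)


if __name__ == "__main__":
    # Constructed stand-in for a payload: a short NOP sled, int3, ret.
    sample = b"\x90" * 6 + b"\xcc\xc3"
    blob = encode(sample, 0xB0B0B0B0)
    key, recovered = decode(blob + b"TRAILING")  # bytes past the loop range are ignored
    print(hex(key), recovered.hex(), recovered == sample)
```

Because the key is a constant sitting in the stub, the encoding gives no confidentiality at all; its only purpose is to dodge bad characters and naive byte signatures. A detection that keys on the stub opcodes (`e8 ff ff ff ff c0 5e 81 76 0e`) is therefore more durable than one keyed on the encoded body.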

Targets

    • Target

      01aa9c84fdbfa587674fbc86f1cb5ae3_JaffaCakes118


    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Suspicious use of SetThreadContext (the API that rewrites a thread's register state; in malware it is typically used for process hollowing or thread hijacking, where a suspended thread's instruction pointer is redirected to injected code)
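What makes SetThreadContext "suspicious" is the sequence around it rather than the call itself: create a process suspended, write into it, rewrite the primary thread's context, resume. The script below is an added example, not part of the report, that runs that sequence check over constructed API-trace lines in a hypothetical `pid=<caller> Api(args) -> results` format (no real sandbox emits exactly this layout). A SetThreadContext with no preceding suspended create and memory write on the same caller, as in the second trace, is deliberately not flagged.

```python
import re

# Constructed API-trace lines in a hypothetical format; illustrative input only.
TRACE = """\
pid=4120 CreateProcessW(lpApplicationName="C:\\Windows\\System32\\svchost.exe", dwCreationFlags=0x4) -> hProcess=0x1a4 hThread=0x1a8
pid=4120 NtUnmapViewOfSection(hProcess=0x1a4, BaseAddress=0x400000)
pid=4120 WriteProcessMemory(hProcess=0x1a4, lpBaseAddress=0x400000, nSize=66048)
pid=4120 SetThreadContext(hThread=0x1a8)
pid=4120 ResumeThread(hThread=0x1a8)
pid=7788 GetThreadContext(hThread=0x2f0)
pid=7788 SetThreadContext(hThread=0x2f0)
"""

CREATE_SUSPENDED = 0x00000004  # dwCreationFlags bit
LINE = re.compile(r"pid=(\d+)\s+(\w+)\((.*?)\)(?:\s*->\s*(.*))?$")
KV = re.compile(r'(\w+)=("[^"]*"|\S+)')


def _kv(text: str) -> dict:
    """Turn 'a=1, b="x y"' into {'a': '1', 'b': 'x y'}."""
    return {k: v.strip('",') for k, v in KV.findall(text or "")}


def find_hollowing(trace: str) -> list:
    """Flag the process-hollowing chain: a process created CREATE_SUSPENDED,
    memory written into it, SetThreadContext on its primary thread, then
    ResumeThread, all by the same caller. Returns one record per completed chain."""
    pending = {}   # (caller pid, hThread) -> progress through the chain
    hits = []
    for line in trace.splitlines():
        m = LINE.match(line)
        if not m:
            continue
        pid, api, args, ret = m.groups()
        a, r = _kv(args), _kv(ret)
        if api.startswith("CreateProcess") and int(a.get("dwCreationFlags", "0"), 0) & CREATE_SUSPENDED:
            pending[(pid, r["hThread"])] = {
                "hProcess": r["hProcess"],
                "image": a.get("lpApplicationName", "?"),
                "wrote": False,
                "ctx": False,
            }
        elif api == "WriteProcessMemory":
            for (caller, _), st in pending.items():
                if caller == pid and st["hProcess"] == a.get("hProcess"):
                    st["wrote"] = True
        elif api == "SetThreadContext":
            st = pending.get((pid, a.get("hThread")))
            if st and st["wrote"]:
                st["ctx"] = True
        elif api == "ResumeThread":
            st = pending.pop((pid, a.get("hThread")), None)
            if st and st["ctx"]:
                hits.append({"pid": pid, "hThread": a["hThread"], "image": st["image"]})
    return hits


if __name__ == "__main__":
    for hit in find_hollowing(TRACE):
        print("process hollowing suspected:", hit)
```

Keying the rule on the full chain rather than on the single API keeps debuggers and legitimate profilers, which also call SetThreadContext, out of the alert stream.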
