General
-
Target
06a7007fa3decee59c7dcd3f33fba149_JaffaCakes118
-
Size
46KB
-
Sample
240623-sbyy5svfje
-
MD5
06a7007fa3decee59c7dcd3f33fba149
-
SHA1
cc8f569e0802b79a5d7a93d8c91bdb8ae72f2638
-
SHA256
99cef7cb569f9ded3a6386a3fd84e8d2f8051ecf8aa347aa443cdaf425ec5844
-
SHA512
f70f44c832e620e67fb34470bfb99173244d40c59d335d3ad27f8ca65ef5ac20682ce2b64221430fcc96a501b4f66dbfc2a19adb96ae11c06193a453dd0ed2a0
-
SSDEEP
768:aKXYZk7JeaIOGvskfFYPSJ/CCjgH8lqkXJUPhrTuCWpPl7+NPZqnl5V:30k7JGskfiPXCJq26op97OPknTV
Static task
static1
Behavioral task
behavioral1
Sample
06a7007fa3decee59c7dcd3f33fba149_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
06a7007fa3decee59c7dcd3f33fba149_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
06a7007fa3decee59c7dcd3f33fba149_JaffaCakes118
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Adds Run key to start application
-