General
-
Target
2597fef3521a6e95b68b17de972898cb_JaffaCakes118
-
Size
485KB
-
Sample
240704-vgztqszbrm
-
MD5
2597fef3521a6e95b68b17de972898cb
-
SHA1
b360e70b65ba38aba1b754221c820487bb0c2338
-
SHA256
0e0fdd23417c75d5be7d7b3ffc60231253412cdf740a1ec40fe7e5cac95ab4da
-
SHA512
e659ed62f6fe81cb22e0d77fc9a3dea6a616ddf2f464843e52acf1552ecd6259b6aa3f37c526fab0a03697eaf72f820418a9ee6c94de0ba16a0cdaa66b7c8bfe
-
SSDEEP
12288:7ReCXbFcHAc9r5pmcrIW+61dTdxGmnOY/7:48FSJDm7fMdTH75/7
Static task
static1
Behavioral task
behavioral1
Sample
2597fef3521a6e95b68b17de972898cb_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
2597fef3521a6e95b68b17de972898cb_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
-
-
Target
2597fef3521a6e95b68b17de972898cb_JaffaCakes118
-
Size
485KB
-
MD5
2597fef3521a6e95b68b17de972898cb
-
SHA1
b360e70b65ba38aba1b754221c820487bb0c2338
-
SHA256
0e0fdd23417c75d5be7d7b3ffc60231253412cdf740a1ec40fe7e5cac95ab4da
-
SHA512
e659ed62f6fe81cb22e0d77fc9a3dea6a616ddf2f464843e52acf1552ecd6259b6aa3f37c526fab0a03697eaf72f820418a9ee6c94de0ba16a0cdaa66b7c8bfe
-
SSDEEP
12288:7ReCXbFcHAc9r5pmcrIW+61dTdxGmnOY/7:48FSJDm7fMdTH75/7
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-