General
-
Target
26cf2e3331c449ce00052580b9edc486_JaffaCakes118
-
Size
132KB
-
Sample
240705-k5nfhaybkc
-
MD5
26cf2e3331c449ce00052580b9edc486
-
SHA1
ec7102fd563a2c27da29b1818d5bcf269fb57314
-
SHA256
660fd3686ae8931dc161cafa764e73a19eb7f6805aadaa6a42de281bf9d730a6
-
SHA512
692f33c5d347557640c1780c3e476665a3d9920e56e95ee9eda27ba4393d3ba5533338abc64cf90be822b600f5955d46b1d99040fcb7cb0e0ddccd5fd06ea671
-
SSDEEP
1536:B8oEQMz0ID9hobMPgllEvxLaWc4gvYGcGSzd5BbYoQLcEXKO5x7SEP9fSEhKxYHd:F3tIZhobMgEvxLaaGuz/OKmNJP9ZR7a
Static task
static1
Behavioral task
behavioral1
Sample
26cf2e3331c449ce00052580b9edc486_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
26cf2e3331c449ce00052580b9edc486_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
26cf2e3331c449ce00052580b9edc486_JaffaCakes118
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-