General
-
Target
26fd121b1fa19e4c6a0717634a874a1e_JaffaCakes118
-
Size
427KB
-
Sample
240705-seb9jsshlh
-
MD5
26fd121b1fa19e4c6a0717634a874a1e
-
SHA1
04ec7222788105e07d874ca5a2a7905b449260c4
-
SHA256
4ed791d4896720fc95ce610210f6bf502650254640dfc458a74658617bb625ea
-
SHA512
65042cf03a73babce7a354eddbd25bff6566a3f1181f2edb435c7f949df94a49ce9c27b6546d3074f2a7f529b5a54ad2c24c495d73c034495a0e2f9cefb75efe
-
SSDEEP
6144:f+VsWqmHQdxQVzNe4EQssPoO2dVSK3fFZThgjLjsMc56StsZbnoHWG:f+aWqmHQKNe41ssPoO2XvFJhgjvfPG
Behavioral task
behavioral1
Sample
26fd121b1fa19e4c6a0717634a874a1e_JaffaCakes118.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
26fd121b1fa19e4c6a0717634a874a1e_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
26fd121b1fa19e4c6a0717634a874a1e_JaffaCakes118
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-