General

  • Target: 26fd121b1fa19e4c6a0717634a874a1e_JaffaCakes118
  • Size: 427KB
  • Sample: 240705-seb9jsshlh
  • MD5: 26fd121b1fa19e4c6a0717634a874a1e
  • SHA1: 04ec7222788105e07d874ca5a2a7905b449260c4
  • SHA256: 4ed791d4896720fc95ce610210f6bf502650254640dfc458a74658617bb625ea
  • SHA512: 65042cf03a73babce7a354eddbd25bff6566a3f1181f2edb435c7f949df94a49ce9c27b6546d3074f2a7f529b5a54ad2c24c495d73c034495a0e2f9cefb75efe
  • SSDEEP: 6144:f+VsWqmHQdxQVzNe4EQssPoO2dVSK3fFZThgjLjsMc56StsZbnoHWG:f+aWqmHQKNe41ssPoO2XvFJhgjvfPG

Malware Config

Extracted

  • Family: metasploit
  • Version: encoder/call4_dword_xor

Targets

    • MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
