General
-
Target
29731285b48fd6b1e8c6f9ee9327fbb4_JaffaCakes118
-
Size
162KB
-
Sample
240706-2jhfssxcmh
-
MD5
29731285b48fd6b1e8c6f9ee9327fbb4
-
SHA1
c2e2cdcf73ca785c138477ccf82c05a78a021398
-
SHA256
6940be58cc50cddb8fcae2f5b33b3c0116c14915d960444ceaa5064301a32aa6
-
SHA512
d1360358e84b36f2424ceb1e2441c4ea730c87607581b53288096b642ac7fb33f119b9056b4cbd62afb1a25bb769e67d37ee57e7087a101e3071816d12074922
-
SSDEEP
3072:QQZGSra1ZZYh8oEVyF01uFkC5JHteIsAI9QlXpbolry/3hCny1UwQQwQQwQQwQQa:QDS4IaSO1uFkC577NCny1R
Static task
static1
Behavioral task
behavioral1
Sample
29731285b48fd6b1e8c6f9ee9327fbb4_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
29731285b48fd6b1e8c6f9ee9327fbb4_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target
29731285b48fd6b1e8c6f9ee9327fbb4_JaffaCakes118
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-