General
Target: 297bc466a0c6ce45b1d8cf31807191ce_JaffaCakes118
Size: 84KB
Sample: 240706-2rq3xaxgja
MD5: 297bc466a0c6ce45b1d8cf31807191ce
SHA1: 6150faf2b60581aaffcc6ce18a0c0be21c68c35c
SHA256: c5602f2eead5efe95729db19a8fe964ea981cb70f1716177bba2369ea28a5841
SHA512: a3193a09baad52a3ea250b6c0d4344410a9e6babcbeb3cc6552ba9a4562c6ccd1f8686dc7f7881a88a00c9b0c8d021443295aad7308d701dadf452749003cf6f
SSDEEP: 1536:gz2vDSGLajorInCVPf0ZQbk4wtDqEc0oajbR8tUHK56BuY7d:prSJjorInCVkSbuqZnapaYs7YJ
Static task: static1
Behavioral task: behavioral1
Sample: 297bc466a0c6ce45b1d8cf31807191ce_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 297bc466a0c6ce45b1d8cf31807191ce_JaffaCakes118.exe
Resource: win10v2004-20240704-en
Malware Config
Extracted
Family: metasploit
Encoder: encoder/call4_dword_xor
Targets
Target: 297bc466a0c6ce45b1d8cf31807191ce_JaffaCakes118 (84KB; hashes as listed under General)
Score: 10/10
Signatures
- MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
- Adds policy Run key to start application
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext
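The extracted config names the x86/call4_dword_xor encoder, which is what the MetaSploit signature keys on. That encoder prepends a fixed 24-byte decoder stub to the payload: a `call $-1` that lands on its own last byte (`ff c0`, `inc eax`) and pushes the next address, a `pop esi` to recover it, then a loop that XORs each following dword in place with a 4-byte key stored inside the stub at `xor dword [esi+0x0e], key`. Only two fields vary between samples, the sign-extended imm8 loop count and the key, so the stub is a good static detection anchor and the key can be read straight out of it. The block below is an added example written for this page, not code from the sandbox or from Metasploit: it matches that stub layout with a byte regex, recovers key and dword count, and decodes the bytes that follow. The key, the placeholder payload and the surrounding junk bytes are constructed for the example and are not from the sample above.

```python
import re
import struct

# Decoder stub layout of Metasploit's x86/call4_dword_xor encoder (24 bytes).
# Wildcards: the loop-count byte at offset 4 and the 4-byte XOR key at 15..18.
STUB_RE = re.compile(
    rb"\x31\xc9"               # xor ecx, ecx
    rb"\x83\xe9(.)"            # sub ecx, imm8     ; imm8 = -(number of dwords)
    rb"\xe8\xff\xff\xff\xff"   # call $-1          ; pushes address of stub+10
    rb"\xc0"                   # (ff c0 = inc eax when executed from stub+9)
    rb"\x5e"                   # pop esi           ; esi = stub+10
    rb"\x81\x76\x0e(....)"     # xor dword [esi+0x0e], key ; stub+24 = first encoded dword
    rb"\x83\xee\xfc"           # sub esi, -4
    rb"\xe2\xf4",              # loop back to the xor
    re.DOTALL,
)
STUB_LEN = 24
MAX_DWORDS = 128  # imm8 is sign-extended: counts above 128 would not fit the stub


def find_call4_dword_xor(buf):
    """Return a list of (stub_offset, key, dword_count) for every stub found in buf."""
    hits = []
    for m in STUB_RE.finditer(buf):
        count = (-m.group(1)[0]) & 0xFF            # undo the negated loop count
        key = struct.unpack("<I", m.group(2))[0]   # little-endian dword key
        hits.append((m.start(), key, count))
    return hits


def decode(buf, stub_offset, key, count):
    """XOR the `count` dwords after the stub with `key`, as the stub does at run time."""
    start = stub_offset + STUB_LEN
    enc = buf[start:start + 4 * count]
    if len(enc) != 4 * count:
        raise ValueError("encoded block is truncated")
    return b"".join(
        struct.pack("<I", struct.unpack("<I", enc[i:i + 4])[0] ^ key)
        for i in range(0, len(enc), 4)
    )


# --- constructed sample for the example (no real shellcode involved) ---
KEY = 0xDEADBEEF                      # constructed key, not the sample's
PAYLOAD = b"constructed-payload!"     # constructed placeholder, 20 bytes = 5 dwords


def make_sample(key=KEY, payload=PAYLOAD):
    """Build a buffer containing junk, an encoder stub with `key`, and the XORed payload."""
    data = payload + b"\x90" * (-len(payload) % 4)   # pad to a dword boundary
    n = len(data) // 4
    if not 1 <= n <= MAX_DWORDS:
        raise ValueError("payload length outside what the stub can encode")
    stub = (
        b"\x31\xc9"
        + b"\x83\xe9" + bytes([(-n) & 0xFF])
        + b"\xe8\xff\xff\xff\xff\xc0\x5e"
        + b"\x81\x76\x0e" + struct.pack("<I", key)
        + b"\x83\xee\xfc"
        + b"\xe2\xf4"
    )
    enc = b"".join(
        struct.pack("<I", struct.unpack("<I", data[i:i + 4])[0] ^ key)
        for i in range(0, len(data), 4)
    )
    junk_before = b"MZ\x90\x00" + b"\x00" * 28      # 32 bytes of constructed filler
    return junk_before + stub + enc + b"\xcc" * 8


if __name__ == "__main__":
    sample = make_sample()
    for off, key, n in find_call4_dword_xor(sample):
        print(f"stub at 0x{off:x}, key 0x{key:08x}, {n} dwords")
        print(decode(sample, off, key, n))
```

Run it over a dumped section or an unpacked buffer rather than the raw on-disk file when the stub is itself wrapped in a dropper, as the "Executes dropped EXE" and SetThreadContext signatures above suggest is the case here. Nineteen of the stub's 24 bytes are fixed, so false positives on arbitrary binaries are rare, and a hit whose recovered count exceeds MAX_DWORDS or whose decoded bytes are not valid x86 is worth treating as a damaged or patched stub rather than a clean extraction.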