General
-
Target
28bbbd73d67f6a1e0de927ac8947225f_JaffaCakes118
-
Size
488KB
-
Sample
240706-tcz39swekf
-
MD5
28bbbd73d67f6a1e0de927ac8947225f
-
SHA1
f64fe7779c65324e022abfb963f8fe1e5285ee92
-
SHA256
2650058f4859257c521cad3ade0ec0530fa265def927d71b454a4b54c805e12f
-
SHA512
8ce8f2ec172278fd108faef0c3eed7e622934751449afa90ee6787ee9886a8e5a804b7ca4c7fc54bc653309aa8f3fec97188aab8bdf1d8fe647842944715c729
-
SSDEEP
12288:nghlsJWOCKWde/wM3RsdNGYS3FtAgzCE6/z:nclsJToGwGRyNGYoSg2E6
Behavioral task
behavioral1
Sample
28bbbd73d67f6a1e0de927ac8947225f_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
28bbbd73d67f6a1e0de927ac8947225f_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
-
-
Target
28bbbd73d67f6a1e0de927ac8947225f_JaffaCakes118
-
Size
488KB
-
MD5
28bbbd73d67f6a1e0de927ac8947225f
-
SHA1
f64fe7779c65324e022abfb963f8fe1e5285ee92
-
SHA256
2650058f4859257c521cad3ade0ec0530fa265def927d71b454a4b54c805e12f
-
SHA512
8ce8f2ec172278fd108faef0c3eed7e622934751449afa90ee6787ee9886a8e5a804b7ca4c7fc54bc653309aa8f3fec97188aab8bdf1d8fe647842944715c729
-
SSDEEP
12288:nghlsJWOCKWde/wM3RsdNGYS3FtAgzCE6/z:nclsJToGwGRyNGYoSg2E6
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Deletes itself
-
Drops file in System32 directory
-