General
Target
28ec2e0d265ccb8559a54043b3f4f5b7_JaffaCakes118
Size
6.3MB
Sample
240706-vhvw6sybmg
MD5
28ec2e0d265ccb8559a54043b3f4f5b7
SHA1
6306ac92d6335e3f3e961055cb71989b9b2f0a9b
SHA256
0d6f9ce9f73a60add174f4490df1741be6cc710e2d38ea1cebea9da69382a62d
SHA512
9d7d0290836a7beeb075fb422e4030631b1f212d974f68777291ab2e323b08ccc66b5c11293e2bf42ea6656c7802e5902d00032a92ab6a5966dce2c0220a9af6
SSDEEP
768:rLe/oQbI8MykvfC9TXiPw7pQb1PLBVCs56ZfNUs+MXA:rCzUykvGpAVBhyMMXA
Static task
static1
Behavioral task
behavioral1
Sample
28ec2e0d265ccb8559a54043b3f4f5b7_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
28ec2e0d265ccb8559a54043b3f4f5b7_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target
28ec2e0d265ccb8559a54043b3f4f5b7_JaffaCakes118
Score
10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Drops file in Drivers directory
Deletes itself
Executes dropped EXE
Drops file in System32 directory