General
-
Target
28f438993e344ab06d47ecd01b3186d4_JaffaCakes118
-
Size
453KB
-
Sample
240706-vqb42awdrn
-
MD5
28f438993e344ab06d47ecd01b3186d4
-
SHA1
79e5f9c4010ec4763b1ca29ad5d0bc013e94abf1
-
SHA256
56e980592964c7fb643f82b604f17310717592f4adfcbfc3b054de240955e4b8
-
SHA512
18f1d22c339bb55712b3ddadfb6401e959074984a4e2cc23c4d225888d45c3cf821355c1fc0fec0173a5abc0751a367f0b7bc1b34794fbe6da6003bf442b40d9
-
SSDEEP
12288:ZQPA6krEJBUWNtDjLcnKNalKv1V0pjq1GBs:ZQiWNtD/qzAP0Nq1
Behavioral task
behavioral1
Sample
28f438993e344ab06d47ecd01b3186d4_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
28f438993e344ab06d47ecd01b3186d4_JaffaCakes118.exe
Resource
win10v2004-20240704-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
28f438993e344ab06d47ecd01b3186d4_JaffaCakes118
-
Size
453KB
-
MD5
28f438993e344ab06d47ecd01b3186d4
-
SHA1
79e5f9c4010ec4763b1ca29ad5d0bc013e94abf1
-
SHA256
56e980592964c7fb643f82b604f17310717592f4adfcbfc3b054de240955e4b8
-
SHA512
18f1d22c339bb55712b3ddadfb6401e959074984a4e2cc23c4d225888d45c3cf821355c1fc0fec0173a5abc0751a367f0b7bc1b34794fbe6da6003bf442b40d9
-
SSDEEP
12288:ZQPA6krEJBUWNtDjLcnKNalKv1V0pjq1GBs:ZQiWNtD/qzAP0Nq1
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-