General
-
Target
290d3953a9628371833353c2219dffc7_JaffaCakes118
-
Size
1.1MB
-
Sample
240706-wbt7qszcmd
-
MD5
290d3953a9628371833353c2219dffc7
-
SHA1
d01a00409b72cf49379321b614691769613935c1
-
SHA256
e19d6dec05cb23c6ca580512d116f69bd98885ab236f150338b4098ac5cf4b81
-
SHA512
553b2f90777c5fedabf8c124cb7238737e43bb190b90c818ac35989026b0d3819fdd23ff83c54defb4db7fb69d53effdfc72a09467279a13e400d1f2583efd21
-
SSDEEP
12288:kpb/ir7hhARq3/T4GHQSRvJ/ulYPCz+HavEwEQFrN:kt/ir7bAK/ZFMlY8+HN9w
Behavioral task
behavioral1
Sample
290d3953a9628371833353c2219dffc7_JaffaCakes118.exe
Resource
win7-20240705-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
-
-
Target
290d3953a9628371833353c2219dffc7_JaffaCakes118
-
Size
1.1MB
-
MD5
290d3953a9628371833353c2219dffc7
-
SHA1
d01a00409b72cf49379321b614691769613935c1
-
SHA256
e19d6dec05cb23c6ca580512d116f69bd98885ab236f150338b4098ac5cf4b81
-
SHA512
553b2f90777c5fedabf8c124cb7238737e43bb190b90c818ac35989026b0d3819fdd23ff83c54defb4db7fb69d53effdfc72a09467279a13e400d1f2583efd21
-
SSDEEP
12288:kpb/ir7hhARq3/T4GHQSRvJ/ulYPCz+HavEwEQFrN:kt/ir7bAK/ZFMlY8+HN9w
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Identifies Wine through registry keys
Wine is a compatibility layer capable of running Windows applications, which can be used as sandboxing environment.
-
Loads dropped DLL
-
Drops file in System32 directory
-