General
-
Target
2a2b9c4e86ea708cb5dcf9f2912e6705_JaffaCakes118
-
Size
5KB
-
Sample
240707-3gh5zstenh
-
MD5
2a2b9c4e86ea708cb5dcf9f2912e6705
-
SHA1
725bcaa83a31772520386e0c2fffc57f68676068
-
SHA256
e0273dcc42f7426c64c9f2524d2cb0210c70ca4a2a8f25e5f31e44a1da8086ca
-
SHA512
973948c148681654b103a784e437f1440c4ca20e77956dd3a7221164527130f183af57816719368d1dfcc8d71131eb186776d264add7e4a2979fa931e64c7d12
-
SSDEEP
48:qFGFajFK3zSIe7h/TMXhZo+lC56afAfRa:eGFajRJhwo9Up
Behavioral task
behavioral1
Sample
2a2b9c4e86ea708cb5dcf9f2912e6705_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2a2b9c4e86ea708cb5dcf9f2912e6705_JaffaCakes118.dll
Resource
win10v2004-20240704-en
Malware Config
Extracted
metasploit
windows/reverse_http
http://149.248.6.193:2009/HaD_DhtsZRt31HbVKPE1pwb_9iTx8rtfDNK6yWZphwG1YiYW-Fgnw176VSqa
Targets
-
-
Target
2a2b9c4e86ea708cb5dcf9f2912e6705_JaffaCakes118
-
Size
5KB
-
MD5
2a2b9c4e86ea708cb5dcf9f2912e6705
-
SHA1
725bcaa83a31772520386e0c2fffc57f68676068
-
SHA256
e0273dcc42f7426c64c9f2524d2cb0210c70ca4a2a8f25e5f31e44a1da8086ca
-
SHA512
973948c148681654b103a784e437f1440c4ca20e77956dd3a7221164527130f183af57816719368d1dfcc8d71131eb186776d264add7e4a2979fa931e64c7d12
-
SSDEEP
48:qFGFajFK3zSIe7h/TMXhZo+lC56afAfRa:eGFajRJhwo9Up
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Blocklisted process makes network request
-
Suspicious use of SetThreadContext
-