General

  • Target

    6250dfcc9d26d468c2b43a07d92eee4f_JaffaCakes118

  • Size

    101KB

  • Sample

    240722-jfksmsvhqh

  • MD5

    6250dfcc9d26d468c2b43a07d92eee4f

  • SHA1

    bb6113669a21111ed566fc85678ead50cea7eece

  • SHA256

    5d6cdbbaa131c8289265f712064d647e99e252399a78a3cb4d7804805ef83992

  • SHA512

    6f63a1a648c2d3686cff71ac2931a447bcff54d0f1c6634810717bd21ec853630be43bb9aa7de7c1734bb86fe802c727c229a2fb5e4e43a60d1cfc6d342daa89

  • SSDEEP

    3072:U7fp4/FlzMvWqI/bkEy+SCstWUnRyQ8yyyyyO:IK/XlqAbkh+zynRMyyyyyO

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/fnstenv_mov

Targets

    • Target

      6250dfcc9d26d468c2b43a07d92eee4f_JaffaCakes118

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
