General
Target: 63538371e51e0d5637c7daaae47234a3_JaffaCakes118
Size: 73KB
Sample: 240722-qla9qaygmd
MD5: 63538371e51e0d5637c7daaae47234a3
SHA1: 9d48a76ee96733405506f7da0c5df16394c3c676
SHA256: a5f73c22e2d6f2c6e89f27a7b095077e81ca97876809210f369935a905fd0df7
SHA512: 03f07a4ee144b8a4a42679788de4e06707404bcb699ddc0dd189e72b36e87a9942679796cad1902ed6d46c3827517da9b04551ed9eafef4536148479b0c49e0c
SSDEEP: 1536:35sc375Ab4EBanICQFuIiyd6gWHpkeaPRAER:3p5wfCQF92HpkeWp
Static task: static1
Behavioral task: behavioral1
Sample: 63538371e51e0d5637c7daaae47234a3_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 63538371e51e0d5637c7daaae47234a3_JaffaCakes118.exe
Resource: win10v2004-20240709-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target: 63538371e51e0d5637c7daaae47234a3_JaffaCakes118
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Modifies firewall policy service
Modifies security service
Drops file in System32 directory