General
Target: 637fe9a37d7a06e65020482c5e55ae36_JaffaCakes118
Size: 437KB
Sample: 240722-rkw1ga1gjb
MD5: 637fe9a37d7a06e65020482c5e55ae36
SHA1: 8da709a4b293bc089f36cc712503c675ed810660
SHA256: 10d20d082f685934872193d12f7f64e57c0efb35dd3cf369fe858e17c51ea055
SHA512: caaff4dba1425e6ee9da7cd6c054c720871d4d9b0cad1855fd7f713317245ef60e6076d6cf6b4e0a81fbfea88a680dae2aaedfc6efe0a81aa0525269d64aa0b9
SSDEEP: 12288:dq3eTRLQp1cWhLb2LYGRfFWh9BQkgIGK+nN/a+LBaiKRqo:o3+RLQp15B2Lkh9WKQfBa1P
Static task: static1
Behavioral task: behavioral1
  Sample: 637fe9a37d7a06e65020482c5e55ae36_JaffaCakes118.exe
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 637fe9a37d7a06e65020482c5e55ae36_JaffaCakes118.exe
  Resource: win10v2004-20240709-en
Malware Config
Extracted: metasploit
Encoder: encoder/call4_dword_xor
Targets
Target: 637fe9a37d7a06e65020482c5e55ae36_JaffaCakes118
Size: 437KB
MD5: 637fe9a37d7a06e65020482c5e55ae36
SHA1: 8da709a4b293bc089f36cc712503c675ed810660
SHA256: 10d20d082f685934872193d12f7f64e57c0efb35dd3cf369fe858e17c51ea055
SHA512: caaff4dba1425e6ee9da7cd6c054c720871d4d9b0cad1855fd7f713317245ef60e6076d6cf6b4e0a81fbfea88a680dae2aaedfc6efe0a81aa0525269d64aa0b9
SSDEEP: 12288:dq3eTRLQp1cWhLb2LYGRfFWh9BQkgIGK+nN/a+LBaiKRqo:o3+RLQp15B2Lkh9WKQfBa1P
Score: 10/10
Signatures:
  MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  Executes dropped EXE
  Loads dropped DLL
  Drops file in System32 directory
  Suspicious use of SetThreadContext