General

  • Target

    c06c0d8c91a61f9fe8cc12f910e20ac2_JaffaCakes118

  • Size

    283KB

  • Sample

    240825-k9j9msweqc

  • MD5

    c06c0d8c91a61f9fe8cc12f910e20ac2

  • SHA1

    7fd2a32e27fb5b853f8fdf55af1ab54256d9f578

  • SHA256

    c3a3d7f21de88a24ed63f6a02cb241a9d71f33fba8273c64662747c43adac350

  • SHA512

    24e23e2492a79df89ee9cee70f5bbfd4b8f39e043f5136ed764a97ca69791bff89c94e84d00adcb94d06af2af07c0a7c3a31dfa709b545df79f972685f871495

  • SSDEEP

    6144:zW9UUBppvBQhI8yyeuUdrcZZcmDF8TRfwY0G2g1GDtsuvs:SUMp5EItyeqZq6F89YY0G2P6v

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/fnstenv_mov

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Executes dropped EXE

    • Loads dropped DLL
