General
-
Target
d58fb28760b403a97336bad0f48a6ec6_JaffaCakes118
-
Size
48KB
-
Sample
240909-dm8v6a1erc
-
MD5
d58fb28760b403a97336bad0f48a6ec6
-
SHA1
e9eb165ea7e4c937b38d8e5ecffd6f49c8fcdc90
-
SHA256
48f56c207f0307f114d78030af7705a6d581ff2f08fa76554efe723cf788b664
-
SHA512
b35a28c26901f749e2e34d2e317689381686eda461c180227c033c6d548da390a37272a0aba23a552b0073a9c9415d458d4e2ae5a79b212e0d7f33622a1f59d7
-
SSDEEP
768:r7Q3FUYaCzMbYGQvFm3wVok8gqpO6iVIHa/zy8POPo1lwU4DeF80yf:r7Q3FUYagMBkKhjqIHcWQPwUi10yf
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
d58fb28760b403a97336bad0f48a6ec6_JaffaCakes118
-
Size
48KB
-
MD5
d58fb28760b403a97336bad0f48a6ec6
-
SHA1
e9eb165ea7e4c937b38d8e5ecffd6f49c8fcdc90
-
SHA256
48f56c207f0307f114d78030af7705a6d581ff2f08fa76554efe723cf788b664
-
SHA512
b35a28c26901f749e2e34d2e317689381686eda461c180227c033c6d548da390a37272a0aba23a552b0073a9c9415d458d4e2ae5a79b212e0d7f33622a1f59d7
-
SSDEEP
768:r7Q3FUYaCzMbYGQvFm3wVok8gqpO6iVIHa/zy8POPo1lwU4DeF80yf:r7Q3FUYagMBkKhjqIHcWQPwUi10yf
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Adds Run key to start application
-