General
Target: d8b819ea1e4d97b17db5a51d1f8f24a7_JaffaCakes118
Size: 48KB
Sample: 240910-v9xj3swdmk
MD5: d8b819ea1e4d97b17db5a51d1f8f24a7
SHA1: 61a32372e1ae56e7109ad6d824e6308040b37cfd
SHA256: dc35341679e76213d3b23765f82f6465eb8165b15f93e605c95844ff2bd45a30
SHA512: a2222374cf0f330aa23fab01289e6482d8411f60a592da0decb0a8bd5f1d81c61dd00c560e6e383b0673720260ebc265c703231e95b915062c48cefb83195367
SSDEEP: 768:wwCW+aIbCXnxRrKBhM+lTjy+ggmkbAE02kV20YvdUu9W7lEVFRbeZxEotTxK:LCXaGYrKBhjgrkbAE02K2dk7l8z4t
Static task: static1
Behavioral task: behavioral1
Sample: d8b819ea1e4d97b17db5a51d1f8f24a7_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: d8b819ea1e4d97b17db5a51d1f8f24a7_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target: d8b819ea1e4d97b17db5a51d1f8f24a7_JaffaCakes118
Score: 10/10
MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Adds policy Run key to start application
Executes dropped EXE
Adds Run key to start application