General
Target
dca5803d1f682856b86dba766818a50f_JaffaCakes118
Size
54KB
Sample
240912-vcpg7svajk
MD5
dca5803d1f682856b86dba766818a50f
SHA1
9b7b9ca285b0991f4300d76d24a21ee90acf467e
SHA256
44c2fa40fba22319c0dc6910d7dd2cb7d1680a23a98d8af38572dd7936b0309e
SHA512
4958b083ec3f0b32f1f0b79d79ff8c5a8449b9dfc7a8cf7f2b0c3c5acc000743739b826e4d1a40cabac4597e9cd3ec08ad5a17e541dca68dcd10a7c6ebd78b70
SSDEEP
1536:nuVr87LjcrIe8Tp1muFxDQv962O8rqSHe6+Q:eI7s18NwmGQNPSHe69
Static task
static1
Behavioral task
behavioral1
Sample
dca5803d1f682856b86dba766818a50f_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
dca5803d1f682856b86dba766818a50f_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target
dca5803d1f682856b86dba766818a50f_JaffaCakes118
Score
10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Adds policy Run key to start application
Executes dropped EXE
Adds Run key to start application