General
-
Target
dd56e6ddc24b39ce466e6f6683c10f9b_JaffaCakes118
-
Size
55KB
-
Sample
240913-a1bwssvamm
-
MD5
dd56e6ddc24b39ce466e6f6683c10f9b
-
SHA1
83f16123e720ee4fe6428c4774e8f5047a23fa07
-
SHA256
acf2fa8dbb8f1996b418fec0ff82b33513e83cecee38267855f5c19c7b2eb546
-
SHA512
7f458c52d39741b33eb29c339d7c36d597fa707092c670b240b658e8b4c0e9f4f72c4e2aadc94fa4c43c9b809a5d3b7f424c6812a700b0dc9f9b1829b717b544
-
SSDEEP
1536:gugdJn248DW6UlbLpAwRlvJ9XB38LuFiVvsFm/3:gugfn2416mbCyvHXB3tSsFm
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
dd56e6ddc24b39ce466e6f6683c10f9b_JaffaCakes118
-
Size
55KB
-
MD5
dd56e6ddc24b39ce466e6f6683c10f9b
-
SHA1
83f16123e720ee4fe6428c4774e8f5047a23fa07
-
SHA256
acf2fa8dbb8f1996b418fec0ff82b33513e83cecee38267855f5c19c7b2eb546
-
SHA512
7f458c52d39741b33eb29c339d7c36d597fa707092c670b240b658e8b4c0e9f4f72c4e2aadc94fa4c43c9b809a5d3b7f424c6812a700b0dc9f9b1829b717b544
-
SSDEEP
1536:gugdJn248DW6UlbLpAwRlvJ9XB38LuFiVvsFm/3:gugfn2416mbCyvHXB3tSsFm
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Adds Run key to start application
-