General

  • Target

    e16e4bf03f7f05a58f518ea4eaaa1501_JaffaCakes118

  • Size

    185KB

  • Sample

    240915-btbg5aybpk

  • MD5

    e16e4bf03f7f05a58f518ea4eaaa1501

  • SHA1

    050413902dbd7516a209e6749bf83802c2d075fc

  • SHA256

    648d78489be85b1db3a8d8da1cf966d97f1d592f8586bdaff608c9afac671642

  • SHA512

    fee88302c5ec0c2f9ca38876698863e1073e4b76b84b308434e13fa90ca33672537567526eabf283a233c34bab18686a0f7a36acc8c993d264de9bf5b1f9fa2e

  • SSDEEP

    3072:EIDI05N6SGLUPSBEul2zBklsDNEnIkrsnn0UMPcSDM+1+IqewHcvBS9a3FA2YQCr:EI805onUP3rzOlshEI10UM7D8IqewHv3

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

    • Target

      e16e4bf03f7f05a58f518ea4eaaa1501_JaffaCakes118

    • Size

      185KB

    • MD5

      e16e4bf03f7f05a58f518ea4eaaa1501

    • SHA1

      050413902dbd7516a209e6749bf83802c2d075fc

    • SHA256

      648d78489be85b1db3a8d8da1cf966d97f1d592f8586bdaff608c9afac671642

    • SHA512

      fee88302c5ec0c2f9ca38876698863e1073e4b76b84b308434e13fa90ca33672537567526eabf283a233c34bab18686a0f7a36acc8c993d264de9bf5b1f9fa2e

    • SSDEEP

      3072:EIDI05N6SGLUPSBEul2zBklsDNEnIkrsnn0UMPcSDM+1+IqewHcvBS9a3FA2YQCr:EI805onUP3rzOlshEI10UM7D8IqewHv3

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.