General
-
Target
e3c52c6466e29e89253c95f237c4eade_JaffaCakes118
-
Size
116KB
-
Sample
240916-b1hvsasfld
-
MD5
e3c52c6466e29e89253c95f237c4eade
-
SHA1
742f56a4d00a7743676786624a2f33c99d9873a3
-
SHA256
47cc76222cc19a24d447dd5ab1ec6c57c164c6be61219e768ac518530862edb1
-
SHA512
e70e332d7b572405db91a5cdda11bdadbcc29ecf69dd6785561053c8e3f42373c5fe6a24c42167f21ac54f65fe1774514b46113175faf1bcd0c9f14a6aa2a4a3
-
SSDEEP
1536:AIxbpGcQSuxstmL2lYg5H4uVvybu3YZ3OR5xXBYI4+s/EEwOCN:AUbpJQ1stmLgY0i/YXt4+s/M
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
e3c52c6466e29e89253c95f237c4eade_JaffaCakes118
-
Size
116KB
-
MD5
e3c52c6466e29e89253c95f237c4eade
-
SHA1
742f56a4d00a7743676786624a2f33c99d9873a3
-
SHA256
47cc76222cc19a24d447dd5ab1ec6c57c164c6be61219e768ac518530862edb1
-
SHA512
e70e332d7b572405db91a5cdda11bdadbcc29ecf69dd6785561053c8e3f42373c5fe6a24c42167f21ac54f65fe1774514b46113175faf1bcd0c9f14a6aa2a4a3
-
SSDEEP
1536:AIxbpGcQSuxstmL2lYg5H4uVvybu3YZ3OR5xXBYI4+s/EEwOCN:AUbpJQ1stmLgY0i/YXt4+s/M
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Adds Run key to start application
-
Suspicious use of SetThreadContext
-