General
Target: e95e5a67df941e7150f0c73a5c63f1b1_JaffaCakes118
Size: 824KB
Sample: 240918-r9xy3axfpj
MD5: e95e5a67df941e7150f0c73a5c63f1b1
SHA1: 1cfedfbbff4202fee0a38ecb775cf189ae4f9739
SHA256: 008e85f1c73c905fba2a072db714e5e268548b8ec38646b2455cf0b8be1e2f88
SHA512: afe1fa188a2250c74ac7cad3cc9b400fa0759b691ebe126d812e3769b92364982e29e57c1eb4d42357ff89e2344efb8e312749044e4c8dd031a57ec872a7cfca
SSDEEP: 24576:vaT1xyiQQNN3iR1n7HNhf1TlaBVUiYUT:ybAQH817HNhnaPUiYU
Static task: static1
Behavioral task: behavioral1
Sample: e95e5a67df941e7150f0c73a5c63f1b1_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: e95e5a67df941e7150f0c73a5c63f1b1_JaffaCakes118.exe
Resource: win10v2004-20240802-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
Target
e95e5a67df941e7150f0c73a5c63f1b1_JaffaCakes118
Score: 10/10

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.

Executes dropped EXE

Loads dropped DLL

Drops file in System32 directory