General
-
Target
ed2eac7a1575cc36fc0047fe2fce0ebc_JaffaCakes118
-
Size
46KB
-
Sample
240920-j6byeswhlg
-
MD5
ed2eac7a1575cc36fc0047fe2fce0ebc
-
SHA1
23eb2a0b472e7b837003cff77fd0e841580ac05b
-
SHA256
55dc77a366f276536fbfd82abbf58ad442bc5d64f9556dbd05bd287b973275b9
-
SHA512
0c58926d9728e2ec1e7c29c151c573a3cdd8881d122578a1c83e48a83359951449340960956a4da81179cf7ed865e614619fc8d04b18b58c13235a99e78ec373
-
SSDEEP
768:feQnSuPXKKhksv0n/9W1RirH24TaaLnPSrbs8V2G673RRKLRGa02SLQy5YvmDh3m:mQnSuPXKKhksv0n/9W1RirH2K9LqrbsU
Static task
static1
Behavioral task
behavioral1
Sample
ed2eac7a1575cc36fc0047fe2fce0ebc_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ed2eac7a1575cc36fc0047fe2fce0ebc_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
Target
ed2eac7a1575cc36fc0047fe2fce0ebc_JaffaCakes118
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Adds Run key to start application
-