General
-
Target
ed58956a966e93b49800731fcff2842a_JaffaCakes118
-
Size
1.7MB
-
Sample
240920-ly2vzs1brr
-
MD5
ed58956a966e93b49800731fcff2842a
-
SHA1
ba2040c213946595a888335da82b0db30c95b2eb
-
SHA256
d3340e920c83ea0e55b1a4c3ad353e29cc0a22fa9fd6177ca5b8ab94945e9168
-
SHA512
e78e2b258f8c3f97396be796f57d4442c5043120e81b8625be5c7d8feeb1b5064119e6cb65913680d04103c72ae65fba49b7acb731cd3910ad79e63a7ce110bd
-
SSDEEP
24576:dzO5uEOelK9ntwlENXtejSIlnst8xsr83KSwxRM7L3ICRObfBuCnWQmHmkN:Y18OENXt4u82rhSwxR83DsUCDmHmkN
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
ed58956a966e93b49800731fcff2842a_JaffaCakes118
-
Size
1.7MB
-
MD5
ed58956a966e93b49800731fcff2842a
-
SHA1
ba2040c213946595a888335da82b0db30c95b2eb
-
SHA256
d3340e920c83ea0e55b1a4c3ad353e29cc0a22fa9fd6177ca5b8ab94945e9168
-
SHA512
e78e2b258f8c3f97396be796f57d4442c5043120e81b8625be5c7d8feeb1b5064119e6cb65913680d04103c72ae65fba49b7acb731cd3910ad79e63a7ce110bd
-
SSDEEP
24576:dzO5uEOelK9ntwlENXtejSIlnst8xsr83KSwxRM7L3ICRObfBuCnWQmHmkN:Y18OENXt4u82rhSwxR83DsUCDmHmkN
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-