General

  • Target

    ede01640f43933596146c2016f478860_JaffaCakes118

  • Size

    92KB

  • Sample

    240920-src2lstane

  • MD5

    ede01640f43933596146c2016f478860

  • SHA1

    4740460d73e323af84dadc02bf60494d0c948ac9

  • SHA256

    556903249f8976c10cdd69dd7e16f849b88a2db3d45f875eecd7080e7a3cd256

  • SHA512

    d8879eb36a38749579c966d64701c498a3e679c827b8d87ebeef53c6d6ca5eebed81935ef8e67a791647a02e7ccfd549938913d35bd9db8c48d001b5204f6831

  • SSDEEP

    1536:iSquE20GQjz5bmDdlFeZzfdfl9H80u8TO3UfTqiktYIO2fU0AxwUWe3:l6bmDdlFefNl5TOkNktYItsXxG2

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/call4_dword_xor

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX or a modified build of the UPX open-source packer.

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Enterprise v15
