General
-
Target
f7a1a4ec8ee1f0504378264b77c200cf_JaffaCakes118
-
Size
792KB
-
Sample
240926-fskrmascnb
-
MD5
f7a1a4ec8ee1f0504378264b77c200cf
-
SHA1
afafcaff5c683e70324298d6fe75fdbaba506296
-
SHA256
6d1d41b1f4df5c76e9f8a82469471cc9eb623c08fda2be0554c3e20ccd775af1
-
SHA512
d6d1c8d8775d8d6c52548f8765200320d79ffe01948ec5629c961b227bd8024ff7dfeb9c0610797cbebed845eab3cbfe5096bbaf6e43e6719192c07e6aceb174
-
SSDEEP
12288:27lo5CZDPH2fpcx/c6V2NNHbScrXOL+ikJvRg597+QKUvrISSLqD3/HsN:e/DPHFx/cmqY7kJ59aIDq7
Static task
static1
Behavioral task
behavioral1
Sample
f7a1a4ec8ee1f0504378264b77c200cf_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
f7a1a4ec8ee1f0504378264b77c200cf_JaffaCakes118.exe
Resource
win10v2004-20240802-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target
f7a1a4ec8ee1f0504378264b77c200cf_JaffaCakes118
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-