General

Target: 7f273c8dc5aad25e95c84bf550330efe_JaffaCakes118
Size: 84KB
Sample: 241030-pb4b3s1raw
MD5: 7f273c8dc5aad25e95c84bf550330efe
SHA1: 21acee00753ae4c89f323ebb7adede353df5683a
SHA256: d9377bd1fdd2708c15bcd1cba1ebf70fa20093f54808849203f8fa788aadb403
SHA512: 220ab9e96c4491451460f08b0ea3e4db35d5c7c77a2a4b15769f1a99509f2c8a944e510eaef47d57eda023aed4fdc047962ef41082c87b8b3772467ea3e8ad4d
SSDEEP: 1536:GkWmOwtj91Lv/aLc7f26+h4OQCUwljFf+NDHV:G1wth1Lv/Ccu4Ojtl+V
Static task: static1

Behavioral task: behavioral1
  Sample: 7f273c8dc5aad25e95c84bf550330efe_JaffaCakes118.exe
  Resource: win7-20241010-en

Behavioral task: behavioral2
  Sample: 7f273c8dc5aad25e95c84bf550330efe_JaffaCakes118.exe
  Resource: win10v2004-20241007-en
Malware Config

Extracted: metasploit
Encoder: encoder/call4_dword_xor
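The extracted config names the encoder, not a C2. x86/call4_dword_xor is a simple Metasploit encoder: a short decoder stub gets its own address with a call $+4 trick, then XORs the payload that follows it one dword at a time with a fixed 4-byte key, looping ecx times. That is why a static extractor can recover the plaintext payload: the key and the loop count sit in the stub. The script below is an added example for this report, not sandbox output and not Metasploit code. It assumes the stub layout of the framework's modules/encoders/x86/call4_dword_xor.rb as I know it (fixed tail e8 ff ff ff ff c0 5e 81 76 0e KEY 83 ee fc e2 f4, preceded by xor ecx,ecx and a loop counter) and that the counter is emitted in one of the common Rex::Arch::X86.set forms; verify both against the module version you are working with. The payload and surrounding bytes are constructed for the demo, not taken from the sample.

```python
"""
Find a Metasploit x86 call4_dword_xor decoder stub, recover its XOR key and
loop count, and decode the bytes that follow it.

Added example; not part of the sandbox report or of Metasploit. Stub layout
and counter forms are assumptions based on the encoder module's structure.
"""
import re
import struct

# Fixed tail of the decoder stub (only the key bytes vary):
#   e8 ff ff ff ff      call $+4       ; pushes the address of the 'c0' byte
#      ff c0            inc eax        ; shares its 'ff' with the call
#   5e                  pop esi        ; esi -> 'c0'
#   81 76 0e KKKKKKKK   xor dword [esi+0xe], KEY ; esi+0xe = first encoded dword
#   83 ee fc            sub esi, -4    ; advance one dword
#   e2 f4               loop <xor>     ; ecx iterations
STUB_RE = re.compile(
    rb"\xe8\xff\xff\xff\xff\xc0\x5e\x81\x76\x0e(?P<key>.{4})\x83\xee\xfc\xe2\xf4",
    re.DOTALL,
)
# Loop-counter forms commonly emitted after xor ecx,ecx (push imm8/pop ecx,
# mov cl, mov cx, mov ecx). Badchar-avoiding variants are not matched; the
# decoder then falls back to decoding everything after the stub.
COUNT_RE = re.compile(
    rb"\x31\xc9(?:\x6a(?P<c8>.)\x59|\xb1(?P<cl>.)|\x66\xb9(?P<c16>..)|\xb9(?P<c32>.{4}))\Z",
    re.DOTALL,
)


def xor_dwords(data: bytes, key: int) -> bytes:
    """XOR every little-endian dword with key; data must be dword aligned."""
    if len(data) % 4:
        raise ValueError("data is not dword aligned")
    keyb = struct.pack("<I", key)
    return bytes(b ^ keyb[i % 4] for i, b in enumerate(data))


def build_stub(key: int, dword_count: int) -> bytes:
    """Decoder stub as this example emits it: xor ecx,ecx; counter; fixed tail."""
    if 1 <= dword_count <= 127:
        counter = b"\x6a" + bytes([dword_count]) + b"\x59"   # push imm8 ; pop ecx
    else:
        counter = b"\xb9" + struct.pack("<I", dword_count)   # mov ecx, imm32
    return (b"\x31\xc9" + counter
            + b"\xe8\xff\xff\xff\xff\xc0\x5e\x81\x76\x0e" + struct.pack("<I", key)
            + b"\x83\xee\xfc\xe2\xf4")


def encode_call4_dword_xor(payload: bytes, key: int) -> bytes:
    """Stub + dword-XORed payload. NOP padding to a dword boundary is this
    example's choice; the decoder does not care what the pad bytes are."""
    padded = payload + b"\x90" * (-len(payload) % 4)
    return build_stub(key, len(padded) // 4) + xor_dwords(padded, key)


def _loop_count(cm) -> int:
    if cm.group("c8") is not None:   # push imm8 is sign-extended; only 0..127 used
        return cm.group("c8")[0]
    if cm.group("cl") is not None:
        return cm.group("cl")[0]
    if cm.group("c16") is not None:
        return struct.unpack("<H", cm.group("c16"))[0]
    return struct.unpack("<I", cm.group("c32"))[0]


def find_call4_dword_xor(blob: bytes) -> list:
    """One dict per stub found: stub offset, key, loop count, decoded bytes.
    If the counter is not recognised, everything after the stub is decoded."""
    hits = []
    for m in STUB_RE.finditer(blob):
        key = struct.unpack("<I", m.group("key"))[0]
        cm = COUNT_RE.search(blob, max(0, m.start() - 9), m.start())
        count = _loop_count(cm) if cm else None
        enc = blob[m.end(): m.end() + 4 * count] if count is not None else blob[m.end():]
        enc = enc[: len(enc) - len(enc) % 4]           # tolerate a truncated tail
        hits.append({
            "stub_offset": cm.start() if cm else m.start(),
            "key": key,
            "dword_count": count,
            "truncated": count is not None and len(enc) != 4 * count,
            "decoded": xor_dwords(enc, key),
        })
    return hits


# Constructed demo: a 17-byte stand-in for shellcode (not from the sample),
# encoded with key 0xDEADBEEF and planted after 16 filler bytes.
SAMPLE_PAYLOAD = b"\xfc\xe8\x82\x00\x00\x00\x60\x89\xe5" + b"\xcc" * 8
SAMPLE_KEY = 0xDEADBEEF
SAMPLE_BLOB = b"MZ" + b"\x00" * 14 + encode_call4_dword_xor(SAMPLE_PAYLOAD, SAMPLE_KEY)

if __name__ == "__main__":
    for hit in find_call4_dword_xor(SAMPLE_BLOB):
        print(f"stub at 0x{hit['stub_offset']:x} key=0x{hit['key']:08x} "
              f"dwords={hit['dword_count']} decoded={hit['decoded'].hex()}")
```

To apply it to a real file, pass the bytes of the executable or of a memory dump to find_call4_dword_xor; the 19-byte tail in STUB_RE is also usable as a hex string in a YARA rule. A decoded blob that starts with fc e8 (cld; call) is the usual opening of msfvenom's Windows x86 stagers, which is a quick sanity check that the key was right. Because the key is fixed and the XOR is position-independent within a dword, the decode is reversible with no emulation, which is exactly why the sandbox could report the encoder statically.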
Targets

Target: 7f273c8dc5aad25e95c84bf550330efe_JaffaCakes118
Size: 84KB
MD5: 7f273c8dc5aad25e95c84bf550330efe
SHA1: 21acee00753ae4c89f323ebb7adede353df5683a
SHA256: d9377bd1fdd2708c15bcd1cba1ebf70fa20093f54808849203f8fa788aadb403
SHA512: 220ab9e96c4491451460f08b0ea3e4db35d5c7c77a2a4b15769f1a99509f2c8a944e510eaef47d57eda023aed4fdc047962ef41082c87b8b3772467ea3e8ad4d
SSDEEP: 1536:GkWmOwtj91Lv/aLc7f26+h4OQCUwljFf+NDHV:G1wth1Lv/Ccu4Ojtl+V
Score: 10/10

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

Signatures
- Metasploit family
- Adds policy Run key to start application
- Executes dropped EXE
- Adds Run key to start application
- Suspicious use of SetThreadContext