General
-
Target
9d904c76caade908963fcfce92634eb6_JaffaCakes118
-
Size
480KB
-
Sample
241125-yk2dhszmbl
-
MD5
9d904c76caade908963fcfce92634eb6
-
SHA1
7c809c68806bbf89580d0fdf0b51ca8a73fafcb7
-
SHA256
a083e369f59c79a2c5d4247792371562c78f38de4b32028d119c7d9c8bd2d7e5
-
SHA512
42b8b907e9a2180b754f7602b8f550f7d4b4dd3ecb8a0752ca987ce98227a64abb0a4563721837292a6639ae0cd662483604114a23a661ce67dedca33e169074
-
SSDEEP
12288:HBWC7DqsLI+VDfvisN7fn5nPmSbQJo2p96N7fn5nP:g+qJXsRn5PmSbC96Rn5P
Behavioral task
behavioral1
Sample
9d904c76caade908963fcfce92634eb6_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
9d904c76caade908963fcfce92634eb6_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Targets
-
-
Target
9d904c76caade908963fcfce92634eb6_JaffaCakes118
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-