General
-
Target
ac1ecd8495a6f39dcdf4d3e34c3014bf_JaffaCakes118
-
Size
50KB
-
Sample
241128-m8tsssvrd1
-
MD5
ac1ecd8495a6f39dcdf4d3e34c3014bf
-
SHA1
6c8a6f65e2334852a57b0a0c0a4ca5887abdd7d9
-
SHA256
b546ca31729119659a8f8ffe1875ee3bec67cb409557c049596d74898b5f9dd0
-
SHA512
5582dd90b2f759fb4253fcc58f60184f8fcaf121112b31325c61d95e6c36e94117325fac1405c9185bc556398fdfacbf7468b3f00c0a6b3b99a2e4337031e25b
-
SSDEEP
1536:nL+m8LeaPpRQzMvEF3HbzaVN87NUP/9Y:nL+6mkMsF2NaUP/9Y
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
ac1ecd8495a6f39dcdf4d3e34c3014bf_JaffaCakes118
-
Size
50KB
-
MD5
ac1ecd8495a6f39dcdf4d3e34c3014bf
-
SHA1
6c8a6f65e2334852a57b0a0c0a4ca5887abdd7d9
-
SHA256
b546ca31729119659a8f8ffe1875ee3bec67cb409557c049596d74898b5f9dd0
-
SHA512
5582dd90b2f759fb4253fcc58f60184f8fcaf121112b31325c61d95e6c36e94117325fac1405c9185bc556398fdfacbf7468b3f00c0a6b3b99a2e4337031e25b
-
SSDEEP
1536:nL+m8LeaPpRQzMvEF3HbzaVN87NUP/9Y:nL+6mkMsF2NaUP/9Y
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
Adds policy Run key to start application
-
Executes dropped EXE
-
Adds Run key to start application
-