General

  • Target

    b2891f7a2b41810d9cea497f9928f599_JaffaCakes118

  • Size

    42KB

  • Sample

    241129-t66sxazqhn

  • MD5

    b2891f7a2b41810d9cea497f9928f599

  • SHA1

    5e2ba7f5e37cc872f4ebe561f31b21d3b4511c8a

  • SHA256

    e13430c3d1bac6ea0ab71bec912084f6f9aff6734c7228875eac20d1b31917dc

  • SHA512

    505c3fe06580f89b4a4eb70ccc26955dbbf743083496b12037ccbfffca27e7389e18dae55128dfe9adc919a898150622668e24f9f41d2d3ba28ba70b6825983c

  • SSDEEP

    768:0uCkdC2D5z4oWV0OCAB4Rld8Inv47pwkcok6bs:0jkdjl8WK4RP84vknk6

Malware Config

  • Extracted

  • Family

    metasploit

  • Version

    encoder/call4_dword_xor

Targets

    • MetaSploit

      Detected a malicious payload that is part of the Metasploit Framework, likely generated with msfvenom or a similar tool.

    • Metasploit family

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with the open-source UPX packer or a modified UPX variant.

MITRE ATT&CK Enterprise v15

Tasks