General
-
Target
b2b4f7b154ba5e38fa8b0a3bb346cd2b_JaffaCakes118
-
Size
350KB
-
Sample
241129-vrsheaxlfv
-
MD5
b2b4f7b154ba5e38fa8b0a3bb346cd2b
-
SHA1
6eb49ad72def6106d3288338cf93cf4c82a19567
-
SHA256
c57f408f688b2aa096be28ccc6bfed020e5ac5faec355b1a09e7b9e463f020ba
-
SHA512
1b30e0b8ea093ccc0b25491b825e63721e6b75edea9ea5fdab2e46bb3cba06b7689a57d2e036bd535dbf9cd4da65106852246906675612c55c7d6855596e12f1
-
SSDEEP
6144:6diDb0qnZl9yEeuBP0VI6zTc6/AuzW7vlxzlpQjH7MHm610BLA:6di30qnf9yEeePczw6/Pq7HzlpQj4+A
Behavioral task
behavioral1
Sample
b2b4f7b154ba5e38fa8b0a3bb346cd2b_JaffaCakes118.exe
Resource
win7-20241010-en
Behavioral task
behavioral2
Sample
b2b4f7b154ba5e38fa8b0a3bb346cd2b_JaffaCakes118.exe
Resource
win10v2004-20241007-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
-
Target
b2b4f7b154ba5e38fa8b0a3bb346cd2b_JaffaCakes118
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-