General
-
Target
JaffaCakes118_6e0e1af448880f1e09ffdfd4ea3fc8169de9019e452c913527af24f99b3bf277
-
Size
190KB
-
Sample
241226-zdc8saynhv
-
MD5
d8bc8b12b4456c68971ac00cfad13cf7
-
SHA1
81a9a48733870da2a300a1d36996e500df21071a
-
SHA256
6e0e1af448880f1e09ffdfd4ea3fc8169de9019e452c913527af24f99b3bf277
-
SHA512
4348c377f1b327fd810886e476c6f758bac7635cf474cf78e24209902ca953fbc4bbbb8e879b41db3806061fbfed81f9cd2a2faa3410ca7b6b1efe4e1adb7951
-
SSDEEP
3072:uCiNy/mHVmEoNDBy9683Hx+QwlPy5i1u1slrrUW2Prt0L42u1XCySGm+TR5MR:diND1mE6dy96KsQwla5i1+kMt0+HgR
Malware Config
Extracted
metasploit
windows/download_exec
http://clearyourtextupdaterslover.xyz:443/image-directory/av.ico
Targets
-
-
Target
JaffaCakes118_6e0e1af448880f1e09ffdfd4ea3fc8169de9019e452c913527af24f99b3bf277
-
Size
190KB
-
MD5
d8bc8b12b4456c68971ac00cfad13cf7
-
SHA1
81a9a48733870da2a300a1d36996e500df21071a
-
SHA256
6e0e1af448880f1e09ffdfd4ea3fc8169de9019e452c913527af24f99b3bf277
-
SHA512
4348c377f1b327fd810886e476c6f758bac7635cf474cf78e24209902ca953fbc4bbbb8e879b41db3806061fbfed81f9cd2a2faa3410ca7b6b1efe4e1adb7951
-
SSDEEP
3072:uCiNy/mHVmEoNDBy9683Hx+QwlPy5i1u1slrrUW2Prt0L42u1XCySGm+TR5MR:diND1mE6dy96KsQwla5i1+kMt0+HgR
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Metasploit family
-
Suspicious use of SetThreadContext
-