General
Target: JaffaCakes118_40d862c46f9ecd57fb9b80d914b04095
Size: 386KB
Sample: 250127-sj14gavnbj
MD5: 40d862c46f9ecd57fb9b80d914b04095
SHA1: 87c571ba614c0ff4b7f705d09ec48fea349ed060
SHA256: e0c23823302259f0b12b136ea7e157f598dc2c1e940e0cc137b0117c7c867e18
SHA512: 5a6cbd85d01f7a7384f9a7ea82de54c1d4a3145f665f99682f765e57cc539c1284f1ea4d2f061feacce3d171b84287478b8107505799773c9d72445bbe4af6a8
SSDEEP: 6144:YGleXoHqzHAKoFFYwiYKSzgTud7WdFFfK++IaGmKF+dnXj/PoDv5HqUVkh6WB:oXTzg7MCgw7Qo+WbBj/PUvEMU6y
Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_40d862c46f9ecd57fb9b80d914b04095.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: JaffaCakes118_40d862c46f9ecd57fb9b80d914b04095.exe
Resource: win10v2004-20241007-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
Target: JaffaCakes118_40d862c46f9ecd57fb9b80d914b04095
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Metasploit family
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory
Suspicious use of SetThreadContext