General
-
Target
143b6e0701abc8ab4c0664545d16ffeb_JaffaCakes118
-
Size
172KB
-
Sample
240627-b4y16swdjf
-
MD5
143b6e0701abc8ab4c0664545d16ffeb
-
SHA1
98503ed9def4836e94269401d6998c09daaf114f
-
SHA256
ffa2c6cc315ed5d54664e5115ee8545f748ec2723e2049ead589dbd5ead1cf5e
-
SHA512
d81736343e1bb404fe7f15c44f9265692d4791aa4a9f3fe90d07dbb3b7363b21207446b71d9d3fe495a71704c2e62803c83d391dae81b3c187e417e9c25f0928
-
SSDEEP
3072:Aqbv4V5fgm8/SPNV7+lAApeQN5/ioqPTYalF0agXgDKNj9C0c17WIxsTJ:Auv4HPNV7tfQN5/inEaMadDKNa1aI2TJ
Static task
static1
Behavioral task
behavioral1
Sample
143b6e0701abc8ab4c0664545d16ffeb_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
143b6e0701abc8ab4c0664545d16ffeb_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
metasploit
encoder/fnstenv_mov
Targets
-
-
Target
143b6e0701abc8ab4c0664545d16ffeb_JaffaCakes118
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Drops file in Drivers directory
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-