General
Target: 15dd08ba1d605c164d964decdcd539c6_JaffaCakes118
Size: 31KB
Sample: 240627-nr75jasamn
MD5: 15dd08ba1d605c164d964decdcd539c6
SHA1: 528d930d0fda80510f7f32697bd3cbcb9114d324
SHA256: 8b0b5de9c5209ae7d95993d0882f5cfe0e15ff60c0ce30c78d6c4e80bce671f8
SHA512: 6b75113ccb91746d4711f41a1d6a712e5e231521185db635f5a7be22bde2c371f6a8350b5fc4f10b6b81ff07773e0c848231b563dbd5dda183a085122b8ee2b5
SSDEEP: 768:kLklD4zXpoSv6t8YwknTfKRpSbcpJCQ+uf1N:kL40zZo6UVwuCRfYUH
Behavioral task: behavioral1
Sample: 15dd08ba1d605c164d964decdcd539c6_JaffaCakes118.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 15dd08ba1d605c164d964decdcd539c6_JaffaCakes118.exe
Resource: win10v2004-20240508-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target: 15dd08ba1d605c164d964decdcd539c6_JaffaCakes118
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Deletes itself
Executes dropped EXE
Drops file in System32 directory