General
-
Target
167d3ea012510c658f5b975e1af1a603_JaffaCakes118
-
Size
340KB
-
Sample
240627-spmg9sxcpc
-
MD5
167d3ea012510c658f5b975e1af1a603
-
SHA1
226b991ed3f492cff9ae6cdd95ee8d635839bce0
-
SHA256
93650c39360cee9ca009a9cff5db55b30a8af56edaa96f5a89405ff0ab08c55f
-
SHA512
2d54f6e9d96e9d2224dea374106e7256f7e3ecea02044138a5882031f417a095563cae6168237974954ca9d6e54d7490f1a21b1f7a9818be098a33b895fa85ee
-
SSDEEP
6144:iXhaVAhAD4U5lbVwRhauOLIXV+w5BhfMPccDOqh7zYHhYH9052:ixaVAh64U5lCPOLIXV+w5WjHa52
Static task
static1
Behavioral task
behavioral1
Sample
167d3ea012510c658f5b975e1af1a603_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
167d3ea012510c658f5b975e1af1a603_JaffaCakes118.exe
Resource
win10v2004-20240226-en
Malware Config
Extracted
metasploit
encoder/shikata_ga_nai
Targets
-
-
Target
167d3ea012510c658f5b975e1af1a603_JaffaCakes118
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-