General
-
Target
1834274fa4b80f4fcdcc81db94da31ec_JaffaCakes118
-
Size
282KB
-
Sample
240628-bbrrdssbqc
-
MD5
1834274fa4b80f4fcdcc81db94da31ec
-
SHA1
d6e1913695ece225ed09490f31eff2aae2109c1a
-
SHA256
82f7ad8e1747e6d5e05678a9e7433ee9539c56fc9f25926786a332b426a5a59e
-
SHA512
35f04dd838014a8936c1ed4a80f3f626fa8d475ad8823e4d443b6ba740b3738761def2fe71cb6efc27c1c8d76e7e9ed4a4b9f8b71d282f981185b55fa4d2185c
-
SSDEEP
6144:FQTobMyTb2U0/TjPyltCttpqpqZ8r1xGrNz/NIuc:FQTobM7yXi0q6RxiNzFu
Static task
static1
Behavioral task
behavioral1
Sample
1834274fa4b80f4fcdcc81db94da31ec_JaffaCakes118.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
1834274fa4b80f4fcdcc81db94da31ec_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
1834274fa4b80f4fcdcc81db94da31ec_JaffaCakes118
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Suspicious use of SetThreadContext
-