General
Target: 187366e3f5997c02481bce0e76d31789_JaffaCakes118
Size: 160KB
Sample: 240628-cwccwawemd
MD5: 187366e3f5997c02481bce0e76d31789
SHA1: 4c0a57a1af80a8acd7c45342b6d26bcb482e99b7
SHA256: d7a31f6d0abd76b818603bb15bf79f370dd42d9b00b927fd792ac8d30e55a17b
SHA512: 75eaff5a84e36dbaac60e406ca283389e530b214c9830caf0c4e48ff4f03c8dc0a8f17f9c643d514972be426d3ac88388a2a510da400139a3ccf03f08f4c6f70
SSDEEP: 3072:/hPV2BUl7Qj8xxfFjl+sFXKNY0yrtPNQgHtvMrN4kKfS:pJlSkf1aVYNQgH/kp
Static task: static1
Behavioral task: behavioral1
Sample: 187366e3f5997c02481bce0e76d31789_JaffaCakes118.exe
Resource: win7-20240508-en
Behavioral task: behavioral2
Sample: 187366e3f5997c02481bce0e76d31789_JaffaCakes118.exe
Resource: win10v2004-20240611-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
Target
187366e3f5997c02481bce0e76d31789_JaffaCakes118
Score: 10/10
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
Suspicious use of SetThreadContext