General
-
Target
1ceed5dcb2ea13f10a727326633a99f9_JaffaCakes118
-
Size
380KB
-
Sample
240701-3ht9mszgrj
-
MD5
1ceed5dcb2ea13f10a727326633a99f9
-
SHA1
e23bb5b3d5235757fa56a6b3a43c5e358781653a
-
SHA256
da9a60d8fbe49d1ff0cb0d4bdb5b92317f16d5c7292ca3978bfbe2dc1163221d
-
SHA512
1e52fc832946178eec00171e8a3e4c5bc9e892481b593bdc71a43410c95fbca4ea00026bdfc7b65d27aa0b626f3b2d704297a44eae6ae0e21e875cdb6926719e
-
SSDEEP
6144:WRjfpbvNzGn6+MT1k6CW3e0dZfFgCZTdsmnElX9mzHsmaEJFLaXupTR5QWfdz:WRjfHza6+M5ko1dTdxGmnOX9uhL+KT4o
Static task
static1
Behavioral task
behavioral1
Sample
1ceed5dcb2ea13f10a727326633a99f9_JaffaCakes118.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
1ceed5dcb2ea13f10a727326633a99f9_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
1ceed5dcb2ea13f10a727326633a99f9_JaffaCakes118
-
Size
380KB
-
MD5
1ceed5dcb2ea13f10a727326633a99f9
-
SHA1
e23bb5b3d5235757fa56a6b3a43c5e358781653a
-
SHA256
da9a60d8fbe49d1ff0cb0d4bdb5b92317f16d5c7292ca3978bfbe2dc1163221d
-
SHA512
1e52fc832946178eec00171e8a3e4c5bc9e892481b593bdc71a43410c95fbca4ea00026bdfc7b65d27aa0b626f3b2d704297a44eae6ae0e21e875cdb6926719e
-
SSDEEP
6144:WRjfpbvNzGn6+MT1k6CW3e0dZfFgCZTdsmnElX9mzHsmaEJFLaXupTR5QWfdz:WRjfHza6+M5ko1dTdxGmnOX9uhL+KT4o
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-