General
-
Target
1b2426a31acc19436eed445bd1ffd896_JaffaCakes118
-
Size
29KB
-
Sample
240701-nqdvasyhqe
-
MD5
1b2426a31acc19436eed445bd1ffd896
-
SHA1
bf49a123786f6d40af9b238704f6f6f6ff0394ff
-
SHA256
86db0194ca13a386a258a81d585456e26ba6c618ae437bf0325918a8e0bc62b1
-
SHA512
df945652e984ce94cbbcb9028372d1495d4e00fbb79e23fcfe9397c652cb0a4cfb4dcade5fd1df16d559157326c0c8727e6ee306646029dfd883a710bf964289
-
SSDEEP
768:a9h4VYE3yVYjnfhUnjPcCZjWw73cPju4yE0rpZ62uXM:awYufhUnj0OR73c7u4R01VuXM
Static task
static1
Behavioral task
behavioral1
Sample
1b2426a31acc19436eed445bd1ffd896_JaffaCakes118.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
1b2426a31acc19436eed445bd1ffd896_JaffaCakes118.exe
Resource
win10v2004-20240611-en
Malware Config
Extracted
metasploit
encoder/call4_dword_xor
Targets
-
-
Target
1b2426a31acc19436eed445bd1ffd896_JaffaCakes118
-
Score
10/10
-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Deletes itself
-
Executes dropped EXE
-
Drops file in System32 directory
-