General
-
Target
1c01bc2c2bbd72336530eefb258166a5_JaffaCakes118
-
Size
528KB
-
Sample
240701-wtqbhasaqf
-
MD5
1c01bc2c2bbd72336530eefb258166a5
-
SHA1
95cc61a79c10dbf1beefb6306ee6de367d73d022
-
SHA256
16801c285de9f40edd59951515bfaaaddaf586defcdb309b730f4d20acbd07bc
-
SHA512
32aefca83f8d0f73e3acd1ca330c34c5630995825e809c43655991fdb5b57477137d5cb415cb6b4ef8ebb5d2657d20e7f3cd464cd54bdd4dd8c20d4b2b0c01c8
-
SSDEEP
12288:m+LBj05NcFwKUynJ9ypCT6NNqavSR5SFgeiqRFpfZ6Mi:BVYwFlUynJXmstax6Mi
Static task
static1
Behavioral task
behavioral1
Sample
1c01bc2c2bbd72336530eefb258166a5_JaffaCakes118.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
1c01bc2c2bbd72336530eefb258166a5_JaffaCakes118.exe
Resource
win10v2004-20240508-en
Malware Config
Extracted
metasploit
windows/shell_reverse_tcp
192.168.1.4:4444
Targets
-
-
Target
1c01bc2c2bbd72336530eefb258166a5_JaffaCakes118
-
Size
528KB
-
MD5
1c01bc2c2bbd72336530eefb258166a5
-
SHA1
95cc61a79c10dbf1beefb6306ee6de367d73d022
-
SHA256
16801c285de9f40edd59951515bfaaaddaf586defcdb309b730f4d20acbd07bc
-
SHA512
32aefca83f8d0f73e3acd1ca330c34c5630995825e809c43655991fdb5b57477137d5cb415cb6b4ef8ebb5d2657d20e7f3cd464cd54bdd4dd8c20d4b2b0c01c8
-
SSDEEP
12288:m+LBj05NcFwKUynJ9ypCT6NNqavSR5SFgeiqRFpfZ6Mi:BVYwFlUynJXmstax6Mi
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Checks BIOS information in registry
BIOS information is often read in order to detect sandboxing environments.
-
Suspicious use of SetThreadContext
-