Extracted

• • Target

    fcb5695a58313c7c0341bd5a6a0e8bf7_JaffaCakes118

  • Size

    102KB

  • MD5

    fcb5695a58313c7c0341bd5a6a0e8bf7

  • SHA1

    cc791671160e423aa7845566fdfe0e6c792401f5

  • SHA256

    4c16edebd158f250b0fba02dce4f49fa9126e95139016e65b96642f2323930db

  • SHA512

    64c9bf3ff64b15baed32ee60c53cbbadd69a29176176e7cc94eb932c93a8bdc8062f4d6daca95797dfd4cd8861905700439ed077bff01545f0c1e39dafd1c321

  • SSDEEP

    3072:zDlFYy7UFiiL5/GJCj1GYsyKnuADfzRUlbt3Tzq7h6l:PB7Ur+bYs/uAPe3P/

  Score

  10^/10

  lummametasploitbackdoorstealertrojan

  • Detect Lumma Stealer payload V4

  • Lumma Stealer

    An infostealer written in C++ first seen in August 2022.

    stealerlumma

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2