Extracted

• • Target

    0d39d5d55e5e035bd1586c828eb98e7b_JaffaCakes118

  • Size

    56KB

  • MD5

    0d39d5d55e5e035bd1586c828eb98e7b

  • SHA1

    defb30ff8f6d181e53106bbfe3ae7e39d659d92f

  • SHA256

    6342009e70f29a9f25617dbdfb85e67dec292a5585bdee2f11469a9c47611d32

  • SHA512

    b04ee07ae602f6178a9d0bed974a536fbf9cff4d8038ca203dcb6792886c22ad9bf7dcb7187f3b9267946fccbbd0b40a0828a512d915419c92d231d34e43122b

  • SSDEEP

    768:DadaE737uUmJ4LnPorh2GNVU9paA2Pewda4m4Q03qfOsHorVcauqyFC:udf7ruWPork4AFwdc06mNrVbIFC

  Score

  10^/10

  metasploitbackdoorpersistencetrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Adds policy Run key to start application

    persistence

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1behavioral2