metasploit | c34b62d20a634791badec80fa8a10a22e69db12637889e7c341a5fc38f531972

Analysis

max time kernel
117s
max time network
119s
platform
windows7_x64
resource
win7-20240705-en
resource tags

arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
submitted
10-07-2024 19:45

Target

36204494d070e2c71d0bcef93b99ef65_JaffaCakes118.exe
Size

72KB
MD5

36204494d070e2c71d0bcef93b99ef65
SHA1

1d69ee36f5f473eb47b452cc804abdc2bdce1652
SHA256

c34b62d20a634791badec80fa8a10a22e69db12637889e7c341a5fc38f531972
SHA512

9221e6b8cedd6a04e5b79f1b03bc9c76a59866b1fc43c248d4a11b2cc9c6b2d9705a64adde450f8f36c87215c622f831bdd1583533043c63f94fea2793db5dbb
SSDEEP

1536:Iaf80c5LmtZDi+AYSSo0HTJ8iJG8ZaMb+KR0Nc8QsJq39:X00KLmvi+AYSShSiJG8Ee0Nc8QsC9

Score

10^/10

Family

metasploit

Version

windows/shell_reverse_tcp

10.33.12.52:5000

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\36204494d070e2c71d0bcef93b99ef65_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\36204494d070e2c71d0bcef93b99ef65_JaffaCakes118.exe"
1⤵
PID:1640

memory/1640-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download