Extracted

• • Target

    41fe20110c98217d7265d3e9dba51a95_JaffaCakes118

  • Size

    55KB

  • MD5

    41fe20110c98217d7265d3e9dba51a95

  • SHA1

    7bce3d8f9af76d6fb1dcc4c2dad781ad09586fa9

  • SHA256

    642c6263f331764ad33a40a65b5c438ed74d980a77121a0fbf09e1fe549db43d

  • SHA512

    21cb0a29a6182c20c8177362636df7fc7a54d52c7cece3368c13ff66a9f5444d6ff3d4462c538f6183c4c6a60c6e4d750815c5bb17c151bdc355f8b12d1335cc

  • SSDEEP

    1536:H0O6dEQbn/aqlhO2yxCYbwN8FG5ipwd+dQjN/KmS72B:H0EQbn/aqlhLyxvkgOkwEuF5S7

  Score

  10^/10

  metasploitbackdoorpersistencetrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Adds policy Run key to start application

    persistence

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1behavioral2