Extracted

• • Target

    d604e3f9d2b7801914d75054f976cd6c_JaffaCakes118

  • Size

    54KB

  • MD5

    d604e3f9d2b7801914d75054f976cd6c

  • SHA1

    8e12342963df1bf49c0dad845523b80f70abf56c

  • SHA256

    6d93ed54660aaa628e1adcc507f9c5da3f92a4c9600c9942847d59afee136e01

  • SHA512

    f98dc79f7dbbce46ba1726e150c32398890e1e68dd8d2cdb121b379b5d13a1671ee8a7af2dcebd653fd40341415d6e15afc0106be0023e2d6e0aa9ae42f6b018

  • SSDEEP

    1536:GrA92Sv2H6Mlq6N7cyCXX01LNaJqauBXFE:19zv2H6Mlqg7RCQkqauBC

  Score

  10^/10

  metasploitbackdoordiscoverypersistencetrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Adds policy Run key to start application

    persistence

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1behavioral2