Extracted

• • Target

    d9489eef358d1e0ba6658a6dd7d0567a_JaffaCakes118

  • Size

    314KB

  • MD5

    d9489eef358d1e0ba6658a6dd7d0567a

  • SHA1

    9bcff8acdb9855af43fee177fa3ea6187596b95e

  • SHA256

    37523a3faedfda08f4fcbe718b8aed77d5c041c980a91d96bd68961afa8f8123

  • SHA512

    ea09f048ef41fc2b2b68f5c42f14720965a5729315035dbf9a6d6e3d00efd22fb6e4146a6265199638fac8143ec80efda7b2945525099259d0021535c6c8637f

  • SSDEEP

    6144:iV4oh9t9yMLji1F88zvIZDN1WmWOzgJ88aciNTVncCGXZ6KPJIs5k6YkB:iiyIgji1ZzvI1N8mZEJSBncCwpPJI+k

  Score

  10^/10

  metasploitbackdoordiscoveryevasiontrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Modifies security service

    evasion

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2