metasploit | 409e1be5fb129f97eaecf11df3d6bb103e9d1c75e9bc4faca38f7dfc456f0127

Analysis

max time kernel
141s
max time network
123s
platform
windows7_x64
resource
win7-20240708-en
resource tags

arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
submitted
11-09-2024 18:33

Target

dafa6e66ab561fec8b16d01776e67b33_JaffaCakes118.exe
Size

4KB
MD5

dafa6e66ab561fec8b16d01776e67b33
SHA1

687c1de0c691a60748256a238d13bdfcbbaba7e1
SHA256

409e1be5fb129f97eaecf11df3d6bb103e9d1c75e9bc4faca38f7dfc456f0127
SHA512

a89cc12102d02a55a7808a4872d543de23f152a5820ca0fceb7546ae9dd40b55576de9692119d7c020e101267fbaf561af8d90c9495a194f476fea08de6436c6
SSDEEP

48:6/iS4V4MZtzBRQLMgF9dfnofG+54E9+YxsRGwapVRhrls6+aR6Xi6lqtGLdpBY2:+XAtzbQgu9dPG5DNxc9apbJBR6qtGrD

Score

10^/10

Family

metasploit

Version

encoder/shikata_ga_nai

Family

metasploit

Version

windows/reverse_tcp_allports

193.34.2.1:10004

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\dafa6e66ab561fec8b16d01776e67b33_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\dafa6e66ab561fec8b16d01776e67b33_JaffaCakes118.exe"
1⤵
PID:2152

memory/2152-0-0x0000000000400000-0x0000000000404000-memory.dmp

Filesize
16KB

Download
memory/2152-1-0x0000000000400000-0x0000000000404000-memory.dmp

Filesize
16KB

Download