Extracted

Extracted

• • Target

    dc3899c7ce032010e02c8d215d07508a_JaffaCakes118

  • Size

    127KB

  • MD5

    dc3899c7ce032010e02c8d215d07508a

  • SHA1

    7dd5c19592f23467172c4340ba9b0dce4b4ea510

  • SHA256

    cda020e7307b211db675fdba00856d2f80e8f39a69294742a462c2e0f393ae29

  • SHA512

    4f236e0a45e2d621fb39109d75a3abec98732fd95d508999be10ca0a845d642e4be8f9d1d90e923d423b3151e66e6923f489816da9c6d83ed96948fe5499ddc9

  • SSDEEP

    1536:UAZJqyVRMtkDymExwJFBP3Dp7+MO6Ql6pNWIlJ:lqyVe+/VUV81lJ

  Score

  10^/10

  metasploitbackdoordiscoveryexecutiontrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Command and Scripting Interpreter: PowerShell

    Run Powershell and hide display window.

    execution

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral1behavioral2