Extracted

• • Target

    dcf664e1805af14d5ada38f294f8bfea_JaffaCakes118

  • Size

    604KB

  • MD5

    dcf664e1805af14d5ada38f294f8bfea

  • SHA1

    df33f33e17d1f9679d0a16f302a41f7c7f44409e

  • SHA256

    e4090ff6201a856768d2dad36fc7438d905bb6c035596991a6a3c2e6d9caffd6

  • SHA512

    f7282d689f57d7afba161af8d5f82ab8ec2061d91a1bde15adc58c95b1d27377dc8f21e1dd0edcba6cde889ad0469b249538d51cdc8cbb9c6654948991d02933

  • SSDEEP

    12288:unb0x0YtqvWlZCCiDGRRDpJO+c5fNjI+zZQKhvUzUd/LdB:XntqvWlZCALu+c5fZI+3aIb

  Score

  10^/10

  metasploitbackdoordiscoveryevasiontrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Modifies security service

    evasion

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2