Extracted

• • Target

    e8060ab01765cb5c0fe69726d9241ee2_JaffaCakes118

  • Size

    80KB

  • MD5

    e8060ab01765cb5c0fe69726d9241ee2

  • SHA1

    ac9c62111e7a832eb4187438498aef14b7778a66

  • SHA256

    98fa3ba709ef960b887da77a79894cfbbb111a19f51fc26f5f1295294d964aff

  • SHA512

    a8aa4f82a765c420bdd5426b8a508b1c8b7aae17f1c59ab29a67926e77c87184f82b22de5a2bc8e4ab41307b086fdebdba488efddae2ae0857b8fe4f5b36f2e7

  • SSDEEP

    1536:97FdzKtG+MwfTZ37XGXTRW/90KZqqCSyhy1Gjut3:lKtGpw9GVO90K0qzEjm

  Score

  10^/10

  metasploitbackdoordiscoverypersistencetrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Adds policy Run key to start application

    persistence

  • Executes dropped EXE

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2