metasploit | d073c76ef96feea46a239e15e40258e95f6c21cbed2cd4225e38061b76c8649d

Analysis

max time kernel
121s
max time network
122s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
18-09-2024 02:01

Target

e81d71a664ff207fabd6608619400e08_JaffaCakes118.exe
Size

72KB
MD5

e81d71a664ff207fabd6608619400e08
SHA1

8c16efaad20b761163a34c17a41fcd28dd80d21a
SHA256

d073c76ef96feea46a239e15e40258e95f6c21cbed2cd4225e38061b76c8649d
SHA512

293860272c5e37f8c7595d5c36ca168891b85aa4a01d39929e8e2c5897532aff9ef18c77890b2f84e645d5f387a36c4cc913c4527ab57dbcae4846410ea79abd
SSDEEP

1536:ISYI4h2k1NflE1AhxOT6mRRho4Mb+KR0Nc8QsJq39:vYFhvBnhITxe0Nc8QsC9

Score

10^/10

Family

metasploit

Version

encoder/call4_dword_xor

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\e81d71a664ff207fabd6608619400e08_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\e81d71a664ff207fabd6608619400e08_JaffaCakes118.exe"
1⤵
PID:1260

memory/1260-0-0x0000000000020000-0x0000000000021000-memory.dmp

Filesize
4KB

Download