Extracted

• • Target

    e824a73d88b9765985521ab74290a3b9_JaffaCakes118

  • Size

    48KB

  • MD5

    e824a73d88b9765985521ab74290a3b9

  • SHA1

    342f0a37383772bb20eccaea65052afb1ccfea79

  • SHA256

    b7b961f0673317cae29397cb520b1ed6bb3d152586b906fca98c0d309a5c24b4

  • SHA512

    6cd932d3f637faeeead687f06e794d8c5417cebf5bb8ff128e3ca7513ed2fbd861bc56a80f5d4a5d340b7baa8c63539a384d5f5c5a8096377fb4a3e8a3497e2c

  • SSDEEP

    768:Xt8aSHlCO0Ffbsfd0o/IZmtsQF+hYVhiBqrFx0oaaFa5DO42k9nK6FdM3SLBp:XyaNth2gstsqCza4pUqK6eYBp

  Score

  10^/10

  metasploitbackdoordiscoverypersistencetrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Adds policy Run key to start application

    persistence

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1behavioral2