Extracted

• • Target

    e940d20bf352247a3b3b445c306a0165_JaffaCakes118

  • Size

    50KB

  • MD5

    e940d20bf352247a3b3b445c306a0165

  • SHA1

    aadaab5a19293b15cc5a66927e92d9f383936fe5

  • SHA256

    6ae14ad216e305538f812cf7f256131f1803d6c97edbef9af8953f027ded12b7

  • SHA512

    9ec7acb3ccdc1e3b4ec2fa4504addff241bcc600d111bd092f8025f9b4db684971d811fea686a335007176aab7aea593ef9c03d50808fc46e109d811bf337003

  • SSDEEP

    1536:2H8lrF6OK9EdsAwGnOQOUB6ka9FOoMORrpqFQ:TlrF6OKSw84fpIFQ

  Score

  10^/10

  metasploitbackdoordiscoverypersistencetrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Adds policy Run key to start application

    persistence

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1behavioral2