General

  • Target

    f4d0a41ba6d000d36a14a362141b6841_JaffaCakes118

  • Size

    146KB

  • Sample

    240925-a6kqwsxhla

  • MD5

    f4d0a41ba6d000d36a14a362141b6841

  • SHA1

    b4b2b3fe7747acd06cf95ce9dc7d14e8e7f8a7f5

  • SHA256

    078ed4ad77c6686fadf47f57352d4cc2418bf7641974ba3ee7fc59e8b4b47a09

  • SHA512

    75810cdc355a8ea01ef3d9f77ba1d56ed11fc65f84e5a1e5566e9abaf6b4217b92887a27ad1cff072963119f95510035604d8b9dd30ebeb07d6841da297a7908

  • SSDEEP

    3072:zqgRa6ZSpvGBjzevS0p5NIgrfKRNjBWzxJ1vp6Lpd4n2OsRcSG:zqgAJp+hzG7IgujExbvp6Lpd42z

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

    • Target

      f4d0a41ba6d000d36a14a362141b6841_JaffaCakes118

    • MetaSploit

      Detected a malicious payload that is part of the Metasploit Framework, likely generated with msfvenom or a similar tool.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks