Extracted

• • Target

    f7e0b02274fc1f2efc02ea1dce172f27_JaffaCakes118

  • Size

    48KB

  • MD5

    f7e0b02274fc1f2efc02ea1dce172f27

  • SHA1

    193fcf0e3834f838d42c21888f05665f892c161e

  • SHA256

    8971ee7fcabba636595a433df58dbbb20116396bff10f6c1d81899895d012376

  • SHA512

    ed1849f93a3b91d101054b0cf5ca2242783b4d8ef925dc66a28ab0bf501dcf5220d1decd2ff79185f66fec64acbb3ba991eec41b37569665d62155fe4b9dc643

  • SSDEEP

    1536:RbjeH8lrF6OK9EdsAwGnOQOUB6ka9FOoMOR:RbjblrF6OKSw84f

  Score

  10^/10

  metasploitbackdoordiscoverypersistencetrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Adds policy Run key to start application

    persistence

  • Executes dropped EXE

  • Adds Run key to start application

    persistence
  behavioral1behavioral2