Extracted

• • Target

    3e6e9702786fa7ceea55ea6fb0f491b9_JaffaCakes118

  • Size

    130KB

  • MD5

    3e6e9702786fa7ceea55ea6fb0f491b9

  • SHA1

    a70817083bd419e90a4a5f34d55d48816c0878aa

  • SHA256

    db78ac90884e74d3f4343469ad18567f1d834ddfbbd7b62aed1c196a66d908f7

  • SHA512

    a015b9a996a5054973763b80c012698682b888aef3dddcf3214d294e65e845bddde8bbb1fdf312e46a4ab5c52c10dbf5e6266d0f2eff6d16e4139effd3922859

  • SSDEEP

    1536:GeuTgrD7d0u9R7ui7Bm8VSFQUfsUkIJdPPf/Hb2NnjoLM+fPGALaptCenbv3Z:TJR0uD7znpUfNRTaKM+feSstCObv3Z

  Score

  10^/10

  discoveryupxmetasploitbackdoorevasiontrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • UAC bypass

    evasiontrojan

  • Checks whether UAC is enabled

    evasiontrojan

  • Drops file in System32 directory

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2