Extracted

• • Target

    8db6672a29b554495af1d24c7eda844d_JaffaCakes118

  • Size

    475KB

  • MD5

    8db6672a29b554495af1d24c7eda844d

  • SHA1

    8ba5ce1e77622665b726df922660a28961d66f34

  • SHA256

    761f051cd575407a40807b5ad0db20ab76c8d65d7be002fc1cf6a5a78a91aa1e

  • SHA512

    302eeb07e0da383a8fd5d7f492e837c1beb9d70e2a0ea5333d99c828334e02769f1dea2b2bf39f5f9bd8ee40359df63d977dcc5df2befe4f75cc81661a9978d3

  • SSDEEP

    6144:oRDq+wpswbLTjEY6YjH9NoQdIjVMrtM063NOIgtLti+A21xS9:uq+fwP36YHxdIiM0CNObtLtAd

  Score

  10^/10

  metasploitbackdoordiscoverytrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • Loads dropped DLL

  behavioral1behavioral2