General

  • Target

    8d688bdabb73eec35c0110fda2e6c507_JaffaCakes118

  • Size

    444KB

  • Sample

    241103-zghmnswpgm

  • MD5

    8d688bdabb73eec35c0110fda2e6c507

  • SHA1

    47e4dacf35659560a75da7bb816d47ef633c7326

  • SHA256

    0e3dffa2868a59dfaef8366c777873108b10fa864a54f7bf47ab2e32560e2932

  • SHA512

    fdfbae722875d54fe50254b84122b6a9048d89e450cb0e629300014b09bae68f319d55b2a7c6653cb65a47ece31d85786bd654e7d8fae65c21254a64eb6f5fdf

  • SSDEEP

    12288:bA+9QKbU1mNjny+HuY/bYaQbd6+6eKk+CpTBGvn:4KbUAjyWM9+eKk+iBGvn

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov
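The extracted config names the encoder rather than a C2 address: Metasploit's x86 fnstenv_mov encoder wraps the real payload in a small decoder that uses the fnstenv instruction to learn its own address (the classic "GetPC" trick), then XORs the following bytes with a 4-byte key in a loop. The script below is an added example, not code from this report or from Metasploit: it builds a blob in an assumed fnstenv_mov-style layout (a `mov ecx` counter, FPU op, `fnstenv [esp-0xc]`, `pop`, `xor dword [reg+0x13], key`, `sub reg,-4`, `loop`), then locates such a stub in arbitrary bytes, pulls the key out of the xor instruction, and decodes the payload. The exact stub bytes and the 0x13 offset are assumptions about the encoder's layout, and the sample payload is constructed text, not shellcode.

```python
"""Locate and decode an fnstenv-style dword-XOR decoder stub (added example).

Assumed stub layout (offsets relative to the FPU op, 19 = 0x13 bytes total):
  d9 ee                 fldz                ; any D9 E8..EE FPU op seeds the FIP
  d9 74 24 f4           fnstenv [esp-0xc]   ; saved FIP = address of the FPU op
  5b                    pop ebx             ; ebx = address of the FPU op
  81 73 13 KK KK KK KK  xor dword [ebx+0x13], key   ; 0x13 = first payload byte
  83 eb fc              sub ebx, -4         ; ebx += 4
  e2 f4                 loop -12            ; back to the xor
The dword count lives in ecx, assumed here to be set by a `mov ecx, imm32`
(b9 ..) placed just before the FPU op.
"""
import re
import struct
from typing import Iterator, Optional, Tuple

STUB_RE = re.compile(
    rb"\xd9[\xe8-\xee]"            # fld1 / fldl2t / ... / fldz
    rb"\xd9\x74\x24\xf4"           # fnstenv [esp-0xc]
    rb"[\x58-\x5f]"                # pop r32
    rb"\x81[\x70-\x77]\x13(.{4})"  # xor dword [r32+0x13], imm32 (key captured)
    rb"\x83[\xe8-\xef]\xfc"        # sub r32, -4
    rb"\xe2\xf4",                  # loop back to the xor
    re.DOTALL,
)
STUB_LEN = 0x13

# Constructed stand-in for a payload; not shellcode.
PAYLOAD = b"constructed payload bytes"


def encode(payload: bytes, key: int, fpu_op: int = 0xEE) -> bytes:
    """Emit mov ecx,n + assumed decoder stub + payload XORed per dword."""
    padded = payload + b"\x90" * (-len(payload) % 4)
    ndwords = len(padded) // 4
    stub = (
        b"\xb9" + struct.pack("<I", ndwords)       # mov ecx, ndwords
        + b"\xd9" + bytes([fpu_op])                # FPU op (GetPC seed)
        + b"\xd9\x74\x24\xf4"                      # fnstenv [esp-0xc]
        + b"\x5b"                                  # pop ebx
        + b"\x81\x73\x13" + struct.pack("<I", key) # xor dword [ebx+0x13], key
        + b"\x83\xeb\xfc"                          # sub ebx, -4
        + b"\xe2\xf4"                              # loop
    )
    body = b"".join(
        struct.pack("<I", struct.unpack("<I", padded[i:i + 4])[0] ^ key)
        for i in range(0, len(padded), 4)
    )
    return stub + body


def find_stubs(blob: bytes) -> Iterator[Tuple[int, int, Optional[int]]]:
    """Yield (offset of FPU op, xor key, dword count or None) per stub found."""
    for m in STUB_RE.finditer(blob):
        key = struct.unpack("<I", m.group(1))[0]
        count = None
        # Optional `mov ecx, imm32` immediately before the stub gives the length.
        if m.start() >= 5 and blob[m.start() - 5] == 0xB9:
            count = struct.unpack("<I", blob[m.start() - 4:m.start()])[0]
        yield m.start(), key, count


def decode(blob: bytes) -> Optional[bytes]:
    """Decode the payload behind the first stub; None if no stub is present."""
    for start, key, count in find_stubs(blob):
        body = start + STUB_LEN
        if count is None:                      # no counter: decode to end of blob
            count = (len(blob) - body) // 4
        out = bytearray()
        for i in range(count):
            chunk = blob[body + 4 * i:body + 4 * i + 4]
            if len(chunk) < 4:                 # truncated sample
                break
            out += struct.pack("<I", struct.unpack("<I", chunk)[0] ^ key)
        return bytes(out)
    return None


if __name__ == "__main__":
    blob = encode(PAYLOAD, 0xDEADBEEF)
    for off, key, n in find_stubs(blob):
        print(f"stub at {off:#x}, key {key:#010x}, dwords {n}")
    print(decode(blob))
```

The regex deliberately accepts any of the one-byte FPU constant loads and any pop/xor/sub register choice, since encoders randomise those; what stays fixed is `fnstenv [esp-0xc]` (d9 74 24 f4) followed by a pop, which is the byte sequence most worth carrying into a YARA rule. The `sub reg,-4` / `loop` tail is specific to this assumed layout and is what makes the key extraction reliable.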

Targets

    • Target

      8d688bdabb73eec35c0110fda2e6c507_JaffaCakes118

    • Size

      444KB

    • MD5

      8d688bdabb73eec35c0110fda2e6c507

    • SHA1

      47e4dacf35659560a75da7bb816d47ef633c7326

    • SHA256

      0e3dffa2868a59dfaef8366c777873108b10fa864a54f7bf47ab2e32560e2932

    • SHA512

      fdfbae722875d54fe50254b84122b6a9048d89e450cb0e629300014b09bae68f319d55b2a7c6653cb65a47ece31d85786bd654e7d8fae65c21254a64eb6f5fdf

    • SSDEEP

      12288:bA+9QKbU1mNjny+HuY/bYaQbd6+6eKk+CpTBGvn:4KbUAjyWM9+eKk+iBGvn

    • MetaSploit

      Detected a malicious payload that is part of the Metasploit Framework, likely generated with msfvenom or a similar tool.

    • Metasploit family

    • Checks BIOS information in registry

      BIOS strings are read from the registry (typically the HKLM\HARDWARE\DESCRIPTION\System values such as SystemBiosVersion and VideoBiosVersion) because on virtual machines and sandboxes they usually name the hypervisor, which lets the sample detect an analysis environment and change its behaviour.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
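To make the "Checks BIOS information in registry" signature concrete, the script below is an added example, not code from the report or the sample: it reads the registry values such a check typically inspects (the HKLM\HARDWARE\DESCRIPTION\System and \BIOS values, which are well known) and shows what an evasion routine keys on. The marker list is an assumption about what such checks search for, and the two sample value sets are constructed. On Windows it can also query the live registry through `winreg`; elsewhere it runs against the constructed data.

```python
"""Registry BIOS strings and the VM/sandbox markers an evasion check looks for.

Added example. BIOS_VALUES names well-known registry values; VM_MARKERS is an
assumed list of hypervisor fingerprints, and the SAMPLE_* dicts are constructed.
"""
import sys
from typing import Dict, List

# Registry values (under HKEY_LOCAL_MACHINE) commonly read by VM/sandbox checks.
BIOS_VALUES = {
    r"HARDWARE\DESCRIPTION\System": [
        "SystemBiosVersion", "VideoBiosVersion", "SystemBiosDate",
    ],
    r"HARDWARE\DESCRIPTION\System\BIOS": [
        "SystemManufacturer", "SystemProductName", "BIOSVendor",
    ],
}

# Substrings an evasion check typically searches for (assumed list).
VM_MARKERS = [
    "VBOX", "VIRTUALBOX", "VMWARE", "QEMU", "BOCHS", "XEN",
    "HYPER-V", "PARALLELS", "VIRTUAL", "INNOTEK",
]

# Constructed sample data: one VirtualBox-looking set, one bare-metal-looking set.
SAMPLE_VBOX = {
    "SystemBiosVersion": "VBOX   - 1",
    "VideoBiosVersion": "Oracle VM VirtualBox Version 6.1.26",
    "SystemManufacturer": "innotek GmbH",
}
SAMPLE_BARE_METAL = {
    "SystemBiosVersion": "LENOVO - 1340",
    "VideoBiosVersion": "Intel Video BIOS",
    "SystemManufacturer": "LENOVO",
}


def read_bios_values() -> Dict[str, str]:
    """Read the values in BIOS_VALUES from the live registry (Windows only)."""
    import winreg  # only available on Windows
    out: Dict[str, str] = {}
    for path, names in BIOS_VALUES.items():
        try:
            with winreg.OpenKey(winreg.HKEY_LOCAL_MACHINE, path) as key:
                for name in names:
                    try:
                        data, _ = winreg.QueryValueEx(key, name)
                    except FileNotFoundError:
                        continue
                    # REG_MULTI_SZ (e.g. SystemBiosVersion) is returned as a list.
                    out[name] = " ".join(data) if isinstance(data, list) else str(data)
        except FileNotFoundError:
            continue
    return out


def classify_bios(values: Dict[str, str]) -> List[str]:
    """Return 'ValueName=MARKER' for each value containing a VM marker.

    An empty list is what an evasion routine wants to see before it runs;
    a non-empty list is what it treats as "we are in a sandbox".
    """
    hits: List[str] = []
    for name, text in values.items():
        upper = text.upper()
        for marker in VM_MARKERS:
            if marker in upper:
                hits.append(f"{name}={marker}")
                break
    return hits


if __name__ == "__main__":
    if sys.platform == "win32":
        values = read_bios_values()
    else:
        values = SAMPLE_VBOX  # constructed data when not on Windows
    for name, text in values.items():
        print(f"{name}: {text}")
    print("markers:", classify_bios(values) or "none")
```

For a sandbox operator the useful direction is the reverse of what the sample does: run `read_bios_values()` on the analysis VM and make sure `classify_bios()` returns nothing, i.e. patch the BIOS strings to look like commodity hardware, so that samples with this check continue past it and detonate.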

MITRE ATT&CK Enterprise v15

Tasks