metasploit | 48eccc80bdb7e3ee3de752ee975623c94e9314503a91f1b63eaf3cdfebf5897d

Analysis

max time kernel
147s
max time network
157s
platform
windows10-2004_x64
resource
win10v2004-20241007-en
resource tags

arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
submitted
04-11-2024 00:23

Target

8e3ce6c61c012b029b5a2c3d54069878_JaffaCakes118.exe
Size

5KB
MD5

8e3ce6c61c012b029b5a2c3d54069878
SHA1

97334fdd05a40b453b15f42ca573f36c0c993c0e
SHA256

48eccc80bdb7e3ee3de752ee975623c94e9314503a91f1b63eaf3cdfebf5897d
SHA512

9b1a1ba4ee57257e4af5a731980694a73aa0e4b34965ed77197650b63df672ceae7f59d4fcb93961d6e18a2bb2398a9f2a0d0ce84b616c38c03cc6d61900e69d
SSDEEP

96:Spf9EHznYPLLAZhbFToXMpIuZv19ozNt:Sx9Kq0F2MpVZd9q

Score

10^/10

Family

metasploit

Version

metasploit_stager

192.168.49.83:4444

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit
Metasploit family
metasploit

C:\Users\Admin\AppData\Local\Temp\8e3ce6c61c012b029b5a2c3d54069878_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\8e3ce6c61c012b029b5a2c3d54069878_JaffaCakes118.exe"
1⤵
PID:1896

memory/1896-0-0x00007FFE394C3000-0x00007FFE394C5000-memory.dmp

Filesize
8KB

Download
memory/1896-2-0x0000028351780000-0x0000028351781000-memory.dmp

Filesize
4KB

Download
memory/1896-1-0x000002834FC20000-0x000002834FC26000-memory.dmp

Filesize
24KB

Download
memory/1896-3-0x00007FFE394C0000-0x00007FFE39F81000-memory.dmp

Filesize
10.8MB

Download
memory/1896-4-0x00007FFE394C0000-0x00007FFE39F81000-memory.dmp

Filesize
10.8MB

Download