General

  • Target

    2024-11-17_3332a48e0192bcb0ae84e6c717d43828_goldeneye_silence

  • Size

    255KB

  • Sample

    241117-qmzcya1bqf

  • MD5

    3332a48e0192bcb0ae84e6c717d43828

  • SHA1

    24595a6185a84e670932adf9145dcbe64205c304

  • SHA256

    f4f675a5a05d2ee08c50450b673e6ca099b0ab93c5eff7fec00781c3929f773b

  • SHA512

    a24527850da9775f2eb29a96b1958c0f4c0eed7a12d9113834781d512ec4f5451fc7ab6867115b0658f3f78523a6609e0b66fa46fed5413ce8d2d57ebbb6c1f4

  • SSDEEP

    3072:uTAjnioLO7WpLyLNZMcPSK7BaZ0NwAWMGc0HfmY4KsyyOiy12KJ3oK4YgTl:u6nrD0ZMcPBAL7c0fTHs+2sVXg

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/single_exec

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Metasploit family

    • Executes dropped EXE

    • Loads dropped DLL

    • Writes to the Master Boot Record (MBR)

      Bootkits write to the MBR to gain persistence at a level below the operating system.
