Extracted

• • Target

    9446b09bd8aab1b16703929c595a8a9e_JaffaCakes118

  • Size

    64KB

  • MD5

    9446b09bd8aab1b16703929c595a8a9e

  • SHA1

    7ff844f2921957b1a55bbe12af9173a99cf9820d

  • SHA256

    0eb9d1286ea69fc84f4ba525886475f18c1d71505626750c15324fc284134354

  • SHA512

    f90ec8316d28eb3bf236b95cd3cd00f9ccc809a9f95597119f2859026079e202443d15c6a14e6c8af65cc1d5a9f4065e6cc19de847cda45f6a2b61445724f7cd

  • SSDEEP

    1536:HKBg+gTROLdlGq0zJNke4qRqsln/4tPk/:hqplGqANk/sSZk/

  Score

  10^/10

  metasploitbackdoordiscoverypersistencetrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Adds policy Run key to start application

    persistence

  • Executes dropped EXE

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2