Extracted

• • Target

    adb77ff20968ce39bbf7df1907cc690d_JaffaCakes118

  • Size

    47KB

  • MD5

    adb77ff20968ce39bbf7df1907cc690d

  • SHA1

    b2d72d421fbaa4c61d55ab72ca1e4f52d3f973f4

  • SHA256

    462e77dd8a4803fb458fd6cab02f488dd064c880b65b3526a84b43f3bbcaf4d7

  • SHA512

    69327bd0702227ecdd4bf001cbbfe8f456c1b9a3c3e57d10f145351a7a302ed989faeb6209fe484ce00c97990095865265c7502c42635ae1999d12c6f4237d98

  • SSDEEP

    768:3NuFWj5C2xhBtAeLoAodBXs2QSBV848F4ALyTNiR4yNA5lViUdyJWAEf:duFWjk2HAMuB82QSAbF4A1elVi8AEf

  Score

  10^/10

  metasploitbackdoordiscoveryevasiontrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Modifies firewall policy service

    evasion

  • Modifies security service

    evasion

  • Drops file in Drivers directory

  • Deletes itself

  • Executes dropped EXE

  • Network Share Discovery

    Attempt to gather information on host network.

    discovery

  • Drops file in System32 directory

  behavioral1behavioral2