Extracted

• • Target

    bbf5a914cf7e65901707bfcd3d8b5364_JaffaCakes118

  • Size

    115KB

  • MD5

    bbf5a914cf7e65901707bfcd3d8b5364

  • SHA1

    dd7e6146c15d57bae4e3935a52d28c7ff7e8c711

  • SHA256

    cae1791d618704d7fe10d622e52bb614c643c525cd32dcad3035581812790d85

  • SHA512

    2fc9005b0a929b1a20f7a4f6eac18aaf2fd69a98172c364461545c0a2b15a452ca76deb449186e6f06b141f64860c7d3d389e5062fd4d633e27202c2eedcecbf

  • SSDEEP

    3072:zf8wNOO5/bHoUYmxF44UkbZEvoAVwq2BCmJ:zn5dn4rkWglq2nJ

  Score

  10^/10

  metasploitbackdoordiscoveryevasiontrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Modifies firewall policy service

    evasion

  • Windows security bypass

    evasiontrojan

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • Windows security modification

    evasiontrojan

  • Drops file in System32 directory

  behavioral1behavioral2