Extracted

• • Target

    c1514cda928c116fc02829b3f6e22a81_JaffaCakes118

  • Size

    115KB

  • MD5

    c1514cda928c116fc02829b3f6e22a81

  • SHA1

    0a600ad91728d2c0b32eba2ad216af7249d13b90

  • SHA256

    472fac578dddaa8cf6c5cae4c56f0a2b0a4a263d932412214d827def7c18d6b2

  • SHA512

    40fa43101b46574f3bdd0db5e16e1732b4a298df8c8a9af1eede61039c442f955f4a0c256aa33cb044751d15d2a33c43c1b144c727a67a59450d9c0bd35391d5

  • SSDEEP

    3072:nf8wNOO5/bHoUYmxF44UkbZEvoARVeGAaxkjy+:nn5dn4rkWgqVeYxkj

  Score

  10^/10

  metasploitbackdoordiscoveryevasiontrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Modifies firewall policy service

    evasion

  • Windows security bypass

    evasiontrojan

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • Windows security modification

    evasiontrojan

  • Drops file in System32 directory

  behavioral1behavioral2