Extracted

• • Target

    c5c7337e1cc43922cb5c9e312dc07aec_JaffaCakes118

  • Size

    406KB

  • MD5

    c5c7337e1cc43922cb5c9e312dc07aec

  • SHA1

    106f6fe7724580d32782c16e914df82b6c94dae6

  • SHA256

    0e4cc5443850aa4ae804edf9e38364bf66a352934222a9f183a0f818433c0b0b

  • SHA512

    23a7f7a74ad54239a4f25fc0d6145217a1555dcb2181aad5ed7448dad62ab016944c5d213285d137d0c86ac106f4ca09a797fcc7178abfd68850e719dafcea16

  • SSDEEP

    6144:0OXbPDYSa4EllnQRWjLFup4aocXIxcg4g+gwoM9i3Uxc8hn2S7eW3Muu/:hL0LfnQELVaoNCg47gEz+8hnrl3MP/

  Score

  10^/10

  metasploitbackdoordiscoverytrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  • Suspicious use of SetThreadContext

  behavioral1behavioral2