Extracted

• • Target

    cc3d29e605581e20fde808580ae82031_JaffaCakes118

  • Size

    57KB

  • MD5

    cc3d29e605581e20fde808580ae82031

  • SHA1

    b2ca7544873a2b13a7d8e2aa9bffaddaaf44c982

  • SHA256

    fa94dceea66dfa6744e59dbe4707ad587469c79376a0389160763896bbbb8875

  • SHA512

    43fea5ebb7680c0a0e18dbca8a559042cfe3aab625807142466d540c09ee38999937843d420493b17e9beaa029774721f957dd998c138ff8b41d69b9cf0c77e6

  • SSDEEP

    1536:W5faTt6llw7XQRaQ7XQRaSpUPSR6hdrJBCrH:uI4lw7gRx7gR4xzrJBGH

  Score

  10^/10

  metasploitbackdoordiscoverypersistencetrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Adds policy Run key to start application

    persistence

  • Executes dropped EXE

  • Adds Run key to start application

    persistence

  • Suspicious use of SetThreadContext

  behavioral1behavioral2