Extracted

Extracted

• • Target

    e99f6ab90c467e6f67379912be367664_JaffaCakes118

  • Size

    693KB

  • MD5

    e99f6ab90c467e6f67379912be367664

  • SHA1

    a2236b36e18c46941051590ecbc2f9b81089e7bb

  • SHA256

    dd1b98a578d4c4dac4064b9849630878b95fe9e06a8eb141c8612e660caeacee

  • SHA512

    9718c7d0eecf1f1cd843a59554193857fd9fe8edf23c77f046c9b6f1453ce570a76ebce715ca69ca4268c168d7f4771c97a6163cf07f2e1cc6f0f60217079a89

  • SSDEEP

    12288:FayriPUR51b9eX7Gy569idYRYJW1VDjrmAkx:FayrisR51ReX7Go/Ed7jrmd

  Score

  10^/10

  metasploitbackdoordiscoverytrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Checks BIOS information in registry

    BIOS information is often read in order to detect sandboxing environments.

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  behavioral1behavioral2