Extracted

• • Target

    efea992d1881b369ed66e4a0c081b441_JaffaCakes118

  • Size

    115KB

  • MD5

    efea992d1881b369ed66e4a0c081b441

  • SHA1

    ce0f33446815fb64955ec4d41b360079863a5081

  • SHA256

    359f47c66c8d83349006f311e8d6bd3d61861289cffa289e8563d41121433ba3

  • SHA512

    1532801643ff49f3e541115a04fe165dc26091fc9e94aa50d3cb6b6b4edebe897687cef41512a13475080e54d9e4bc14fdd9eb6252cc55140a8f8566ece133ce

  • SSDEEP

    3072:Cf8wNOO5/bHoUYmxF44UkbZEvoAh4zpS4:Cn5dn4rkWgfD

  Score

  10^/10

  metasploitbackdoordiscoveryevasiontrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Modifies firewall policy service

    evasion

  • Windows security bypass

    evasiontrojan

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • Windows security modification

    evasiontrojan

  • Drops file in System32 directory

  behavioral1behavioral2