Extracted

• • Target

    f795ad23360b55f295bc3914749624aa_JaffaCakes118

  • Size

    485KB

  • MD5

    f795ad23360b55f295bc3914749624aa

  • SHA1

    74f3ad7c13c15e393a1d16e03f04f346cce45524

  • SHA256

    b277753c0a696aca0a01a5a3ef3275dd28de75687213a11bbf6c8a0fa2cddb67

  • SHA512

    343ac1947f2d562573d432176e7936b91e22be747a2aa39b5917e0e52017fcba3a9fe8d06d77bcb77e442b54b324af5d6585fbce91306b6edb251001ab8dde93

  • SSDEEP

    6144:fKwLo7vp0yN90QEmEiSwDmkreRgvlx1sB1221SOopF2ZpKAvD/ugBx3oluuMsWvG:bLoWy90A7SZQe0xCa21kF0KAr1ls

  Score

  10^/10

  discoverypersistencemetasploitbackdoortrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence
  behavioral1behavioral2