Extracted

• • Target

    feb88dc5b2bd9fa79aa8ce51a2077e8e_JaffaCakes118

  • Size

    107KB

  • MD5

    feb88dc5b2bd9fa79aa8ce51a2077e8e

  • SHA1

    b1382abc4efeecba978b39af05728ec2357e5deb

  • SHA256

    e3bd5002521558fd23676379b46b6e0526befd56474c2b989d74e6ac150e0784

  • SHA512

    f62d1629d3e12675bbb3c47e22d4a22a67c73230679ae7ad8b2ddcf51bc6d3fa7375d7999dd279ab4053d2b074a263f02327afba7360cca220d7ce3830aea448

  • SSDEEP

    3072:zZ5iA33ue5BYdpCfaymPI7o7GJGPVu76Zj9Knv88X0m:zZgA33uiB6pz6aQUO6Zov88X/

  Score

  10^/10

  metasploitbackdoordiscoveryevasiontrojanupx

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Modifies security service

    evasion

  • Executes dropped EXE

  • Loads dropped DLL

  • Drops file in System32 directory

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2