Extracted

• • Target

    JaffaCakes118_00fbeef072a47eaf7ce22f393f2b83e0

  • Size

    244KB

  • MD5

    00fbeef072a47eaf7ce22f393f2b83e0

  • SHA1

    35e397f64579bcc07a973c1be16a89d09c4c537e

  • SHA256

    c18b063598dd0f8dcc6634530b451f86974734e0b2d9848708dd51dd4c9367b0

  • SHA512

    f7a84c31ac03cf3f42174bffcb052f6b4d4f026408765da760d2592b49a0f7e5b8d9a45c927008840f0c788ce14a45b24392b662679aa2bb077de0ca6f5c3364

  • SSDEEP

    3072:KzW+DiC9iLo+GnHo45G3L66ubXuXVbaPfyPW+qjNUZXW02n1/z0nH1QL0md4OSeZ:VKwLo7I7b66urKVbVEeZmrYVxmb5LQu

  Score

  10^/10

  metasploitbackdoordiscoverypersistencetrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Executes dropped EXE

  • Loads dropped DLL

  • Adds Run key to start application

    persistence
  behavioral1behavioral2