Extracted

• • Target

    JaffaCakes118_68dbd74350ce7619af23505884013f0b

  • Size

    145KB

  • MD5

    68dbd74350ce7619af23505884013f0b

  • SHA1

    17db602e30a547768ca6b02df71e70eaa8c206f5

  • SHA256

    7e3adc944530c9be28a5f5a527dadb35cc989efbe2da8499a95c76abef31dd56

  • SHA512

    59b2ac45897a85d7845276e70c5f51ec4e9dfc5d69be9ecdb2eb9fc5afc58d2e83bf23c3006993584266c494649bccb3545fd308231225c42eb58d90312ce45c

  • SSDEEP

    3072:8f8wNOO5/bHoUYmxF44UkbZEvoAY+SC76F5YmQa:8n5dn4rkWg5PCOF5Ym

  Score

  10^/10

  metasploitbackdoordiscoveryevasiontrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Modifies firewall policy service

    evasion

  • Windows security bypass

    evasiontrojan

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • Windows security modification

    evasiontrojan

  • Drops file in System32 directory

  behavioral1behavioral2