Extracted

• • Target

    JaffaCakes118_63d2ee284ea9d7b62d42c10111f8f157

  • Size

    135KB

  • MD5

    63d2ee284ea9d7b62d42c10111f8f157

  • SHA1

    c04b071315bba37482bc8d8affb6e155d8138bc5

  • SHA256

    afd1775c9e145c62f2af712cb50fbcd2c077187c6d9d270d28839ea8303d770a

  • SHA512

    1af0eeea87d7276729f1201d6f0131771c95e76c09c07aa3e431c9e352d683f783b3887d9e849c7f7a9c2e6a366c302b6c67fa6fe00f56a15d79dd39f91c1f1d

  • SSDEEP

    3072:Uf8wNOO5/bHoUYmxF44UkbZEvoA0opVgZGW:Un5dn4rkWg8pV+GW

  Score

  10^/10

  metasploitbackdoordiscoveryevasiontrojan

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Modifies firewall policy service

    evasion

  • Windows security bypass

    evasiontrojan

  • Deletes itself

  • Executes dropped EXE

  • Loads dropped DLL

  • Windows security modification

    evasiontrojan

  • Drops file in System32 directory

  behavioral1behavioral2