Extracted

• • Target

    JaffaCakes118_02409623cdca86f694e239dc88df9db5

  • Size

    14KB

  • MD5

    02409623cdca86f694e239dc88df9db5

  • SHA1

    a8988272a3fda0857f02c8c26d67321f02684c39

  • SHA256

    942a3d1e7e46c905ccc067ab07af7868d5e3d6ffcfcdae812c9c020df4e30741

  • SHA512

    19f19b6c68da307ddec577c9cec1b429ff3beb75bf3749933a0d23da60345953287ba28d94cd760bbb0066d1c20e817abf744631ae2b965b911e66e489f34e2f

  • SSDEEP

    192:nmNvID1+vPOd8+SjYFrAYf0xQmibcmoSk50re1IokWKDTlKDzSdzWM:SA5wZ+nUT0Yb5EeVKDTlKDzk

  Score

  10^/10

  metasploitbackdoordiscoverytrojanupx

  • MetaSploit

    Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    trojanbackdoormetasploit

  • Metasploit family

    metasploit

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  • Executes dropped EXE

  • UPX packed file

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  behavioral1behavioral2