metasploit | 61a3aa188bd4e71bd115c30874cc712a52f6d9d72f2ca0a963106c7229608381

Analysis

max time kernel
132s
max time network
126s
platform
windows10-2004_x64
resource
win10v2004-20240611-en
resource tags

arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
submitted
02-07-2024 14:02

Target

1f8fafc4af75c4ed9435f6e1cdf41016_JaffaCakes118.exe
Size

14KB
MD5

1f8fafc4af75c4ed9435f6e1cdf41016
SHA1

bd39656ca0fe808053b8da96ebf092850f6c0f4a
SHA256

61a3aa188bd4e71bd115c30874cc712a52f6d9d72f2ca0a963106c7229608381
SHA512

0445523ec8e9be297a205d601dc93dcaa57bc4227e1c3ea3767a6d65c85943f94ec08edba242a42a7e2b954b7676320cba8bcfebcc95af532e88eb2fb2a3ac28
SSDEEP

192:wHCugRK83SxHn2OQ/dmBI4KBPwgir+xzrDfcubqUqV/Qjo7AGa:0CxRKqbOCdWIVBPk+xzfUqfCXAn

Score

10^/10

Family

metasploit

Version

windows/download_exec

http://64.227.8.3:80/jdU9

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUSMSE)

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\1f8fafc4af75c4ed9435f6e1cdf41016_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\1f8fafc4af75c4ed9435f6e1cdf41016_JaffaCakes118.exe"
1⤵
PID:1400

memory/1400-0-0x0000000000150000-0x0000000000151000-memory.dmp

Filesize
4KB

Download
memory/1400-1-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download
memory/1400-3-0x0000000000400000-0x0000000000409000-memory.dmp

Filesize
36KB

Download