General

  • Target: 1953435453f91d6334a0c40d568de09c_JaffaCakes118
  • Size: 55KB
  • Sample: 240329-fwnbxsbc23
  • MD5: 1953435453f91d6334a0c40d568de09c
  • SHA1: f45f0bc8f201e22072c6f273e15e5af7d79970c8
  • SHA256: 89e86f848bf51d77fa141bff00641f24b053bdbb246c7ffab559c7acc64e0d91
  • SHA512: efcc4d18afc7e6733cb7a7afead6266545094393912b61592b88c3f3e8bcda68382fd94d73fb3cd090d8965c961a14b1bbb59ea34c36dd70629d0140767b0253
  • SSDEEP: 1536:3kWrVmGeMW1waT5vkmmks5UBr0umEp0/s:3kWYGZ0knks6BouIs

Malware Config

Extracted

  • Family: metasploit
  • Version: encoder/shikata_ga_nai

Extracted

  • Family: metasploit
  • Version: windows/reverse_tcp
  • C2: 192.168.1.29:1605

Targets

    • Target: tulacrupatatecru.exe
    • Size: 43KB
    • MD5: a952d7eb92d8740a9d70b20026ddc564
    • SHA1: f4a66103fdcd1b57bab65b0bbb167935b9593850
    • SHA256: 807683558e505a336fc469d0ed066991451b2ea5c0d9bb781d84f3b4769e2026
    • SHA512: 116d434369f47771bafb61108f14d277d1087400a24bb47c50f6b104021a4310c67fa705954ce4d6394ce3631874ebe1ce7ced3b801df390b2ae05c175116559
    • SSDEEP: 768:NFkP6UQpP7R72qQLBKrX9Dqc+D9XWOsWAoLnd:Q6UQpD92qQqNDqc+5GOfRLnd
    • MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

MITRE ATT&CK Matrix

Tasks