metasploit | 3737e2198a159ed5a530bf687d8cb40ca6c284db86d4bd076affefffc3a5ef0a | Triage

Sharing

General

Target

3b91c0967be4ae921b60b2434948bff0_JaffaCakes118
Size

6.1MB
Sample

240330-pbcjcsfb92
MD5

3b91c0967be4ae921b60b2434948bff0
SHA1

d8e4796c5e169136734437550526f26e9e360637
SHA256

3737e2198a159ed5a530bf687d8cb40ca6c284db86d4bd076affefffc3a5ef0a
SHA512

84b5e1f50f5509a1db4f7ee58d3e1627196cabf4366f49e1139ccac88373b8a42761e84734e55c51a509fc0ebb942f3f8cb289405dc61d77d7dc278b831c1965
SSDEEP

98304:PObki2u7InCEE+wysPM4mlaw0LI60GBGrGrGWAuU7jPLQ:Pbi6nTE+wBMHlaw0/U7jPL

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_http

C2

http://upd23.vxux.icu:8443/updates/89xYXLbIdHKYwZnA-aM5zQq_RPPi9m0DUuACsVfmeuBqfjki690T9N8AbsZqPBwIHFdi4mTOTIOONU_KxnnHZrL

Targets

- Target
  
  3b91c0967be4ae921b60b2434948bff0_JaffaCakes118
- Size
  
  6.1MB
- MD5
  
  3b91c0967be4ae921b60b2434948bff0
- SHA1
  
  d8e4796c5e169136734437550526f26e9e360637
- SHA256
  
  3737e2198a159ed5a530bf687d8cb40ca6c284db86d4bd076affefffc3a5ef0a
- SHA512
  
  84b5e1f50f5509a1db4f7ee58d3e1627196cabf4366f49e1139ccac88373b8a42761e84734e55c51a509fc0ebb942f3f8cb289405dc61d77d7dc278b831c1965
- SSDEEP
  
  98304:PObki2u7InCEE+wysPM4mlaw0LI60GBGrGrGWAuU7jPLQ:Pbi6nTE+wBMHlaw0/U7jPL
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan