metasploit | f1f5d360c75edfe68e41909544f768c9af549d52ead3508bdbcf5414d266f23c

Analysis

max time kernel
130s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
31-03-2024 22:52

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

60605807abaf5e6d731a4af6971aa548_JaffaCakes118.exe
Size

73KB
MD5

60605807abaf5e6d731a4af6971aa548
SHA1

501b0b754438b6e71a4c60e534c8e173c3a4086c
SHA256

f1f5d360c75edfe68e41909544f768c9af549d52ead3508bdbcf5414d266f23c
SHA512

1372a46447b16b567c0038ac123d0b1565a5a6f6d6807581f16c020e26bc30d567c687c4802c9a16da71811061cd1437498254fc4dff211ebc23b63023e1b13f
SSDEEP

1536:EM3xkYRKwYvxesXjNgQkYDMiqySpoiTdwGEYJSBsWccdamb6+Ii:zgosXjzXM/Vpo4deoSRamb67i

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_http

http://10.10.75.15:443/SARQ7yrZot81ODQ5bsaiTwkR5U4KNvRzojbokU-PHeBRu1-c6KG6aBQ8RmFix7O--OJU9fYCNNO_qWswU8TNgDh8Vx-vqwMVJC9bpsxhFzPY0F-Wb2HNOrbRJy0RxL7XzZw50TTxFlZ5iWPwDvD-0d5mrmhMaMHrBcV0VzcZJwapqIqNQ8FcrlzSA14hOvCj1H1PscNps

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\60605807abaf5e6d731a4af6971aa548_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\60605807abaf5e6d731a4af6971aa548_JaffaCakes118.exe"
1⤵
PID:4236

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4236-0-0x00000000007D0000-0x00000000007D1000-memory.dmp

Filesize
4KB

Download