Overview

overview

10

Static

static

3

fb40cf21e3...18.exe

windows7-x64

10

fb40cf21e3...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    fb40cf21e303a47c3aca42dd808d0b51_JaffaCakes118

  • Size

    6.8MB

  • Sample

    240419-1vecvahd6s

  • MD5

    fb40cf21e303a47c3aca42dd808d0b51

  • SHA1

    c5f40b56cca48b01dabd1383125cb2a499f01b60

  • SHA256

    390d20cc8af36c1752366bc7dea8df35c7d6eabecd1efd80cf5515b09f77d77a

  • SHA512

    d6455490bee9562b6d28b3fee20a4c7827e9210495f57ea68dd5688b028444eb6623317a34377e18bc7ce4313161381d88392a24da48b28a2527fe7911594759

  • SSDEEP

    196608:FlZtgt73ZRFBSgfv1Ugsrjj6MtqvzhyvEYi0VYy:FHtgt73aglNsrDtqVk5VYy

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.1.102:4444

Targets

    • Target

      fb40cf21e303a47c3aca42dd808d0b51_JaffaCakes118

    • Size

      6.8MB

    • MD5

      fb40cf21e303a47c3aca42dd808d0b51

    • SHA1

      c5f40b56cca48b01dabd1383125cb2a499f01b60

    • SHA256

      390d20cc8af36c1752366bc7dea8df35c7d6eabecd1efd80cf5515b09f77d77a

    • SHA512

      d6455490bee9562b6d28b3fee20a4c7827e9210495f57ea68dd5688b028444eb6623317a34377e18bc7ce4313161381d88392a24da48b28a2527fe7911594759

    • SSDEEP

      196608:FlZtgt73ZRFBSgfv1Ugsrjj6MtqvzhyvEYi0VYy:FHtgt73aglNsrDtqVk5VYy

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks