metasploit | 81891f4658e178e464c7f5eb6e0fe3941bbee6b5516ce07286e94d73ab42e99a | Triage

Submit
Reports

Overview

overview

Static

static

3

f99b3b75f8...18.exe

windows7-x64

f99b3b75f8...18.exe

windows10-2004-x64

Sharing

General

Target

f99b3b75f86bb6e275b7500fefe178ef_JaffaCakes118
Size

228KB
Sample

240419-f7pn5aba8w
MD5

f99b3b75f86bb6e275b7500fefe178ef
SHA1

b31f72450b435373e6a1d2d77092d0cc33d7580a
SHA256

81891f4658e178e464c7f5eb6e0fe3941bbee6b5516ce07286e94d73ab42e99a
SHA512

3441cf5b34e52cef448a4b0b06cb1cac58de26ce4ed7bea8c93d5bd5f1090e150c86d400dcbda0dda51468592388e6ae4531e5d519ed3e779724d40caba6c58c
SSDEEP

3072:bsu3qM4wU4qOC1eljl+G4OKHfdOAfRw3y1hdlUVaZb2N9RUN1tCeTb:VqM4DfWjl+VpHfdOShr4a92DGN1Db

Score

10^/10

metasploit backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f99b3b75f86bb6e275b7500fefe178ef_JaffaCakes118.exe

Resource

win7-20240221-en

metasploit backdoor trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

f99b3b75f86bb6e275b7500fefe178ef_JaffaCakes118.exe

Resource

win10v2004-20240412-en

metasploit backdoor trojan

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  f99b3b75f86bb6e275b7500fefe178ef_JaffaCakes118
- Size
  
  228KB
- MD5
  
  f99b3b75f86bb6e275b7500fefe178ef
- SHA1
  
  b31f72450b435373e6a1d2d77092d0cc33d7580a
- SHA256
  
  81891f4658e178e464c7f5eb6e0fe3941bbee6b5516ce07286e94d73ab42e99a
- SHA512
  
  3441cf5b34e52cef448a4b0b06cb1cac58de26ce4ed7bea8c93d5bd5f1090e150c86d400dcbda0dda51468592388e6ae4531e5d519ed3e779724d40caba6c58c
- SSDEEP
  
  3072:bsu3qM4wU4qOC1eljl+G4OKHfdOAfRw3y1hdlUVaZb2N9RUN1tCeTb:VqM4DfWjl+VpHfdOShr4a92DGN1Db
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan

© 2018-2024

Terms | Privacy