metasploit | b7f0cc958b40e17f6f7825bffcf8deb6e69d64ba265c47b500e33642de5c420e | Triage

Sharing

General

Target

fa6b0ecb75ccb53d9dfffcc205710255_JaffaCakes118
Size

7.9MB
Sample

240419-qxs9nsef91
MD5

fa6b0ecb75ccb53d9dfffcc205710255
SHA1

e11dcf82ab32e1c5096866f1242483a9b8457c7f
SHA256

b7f0cc958b40e17f6f7825bffcf8deb6e69d64ba265c47b500e33642de5c420e
SHA512

16826e3d68d3bb536b23bb7a1c944ae22477df3b4349aaaa8d8347f594a8b291bebf558a3e1d5105fe8b5b7310cc75e231e2a4727009e1d0df290b1fe8579b34
SSDEEP

98304:9OzH+XBts1rX50JU8qB+TciBavxGYfVtYzGbAnMklK/5Xo+IFoNngx1FRh4EO9lN:9Or+XwBqcgUt+MpmQNshJOsK7

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

0.0.0.0:0

Targets

- Target
  
  fa6b0ecb75ccb53d9dfffcc205710255_JaffaCakes118
- Size
  
  7.9MB
- MD5
  
  fa6b0ecb75ccb53d9dfffcc205710255
- SHA1
  
  e11dcf82ab32e1c5096866f1242483a9b8457c7f
- SHA256
  
  b7f0cc958b40e17f6f7825bffcf8deb6e69d64ba265c47b500e33642de5c420e
- SHA512
  
  16826e3d68d3bb536b23bb7a1c944ae22477df3b4349aaaa8d8347f594a8b291bebf558a3e1d5105fe8b5b7310cc75e231e2a4727009e1d0df290b1fe8579b34
- SSDEEP
  
  98304:9OzH+XBts1rX50JU8qB+TciBavxGYfVtYzGbAnMklK/5Xo+IFoNngx1FRh4EO9lN:9Or+XwBqcgUt+MpmQNshJOsK7
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan