General

  • Target: fbcd5b3b078c256897f792281c897e4c_JaffaCakes118
  • Size: 44KB
  • Sample: 240420-dqmgbseg95
  • MD5: fbcd5b3b078c256897f792281c897e4c
  • SHA1: a5334c4625a3a2abec373031aefa5ac09b87be8c
  • SHA256: e2e19070c6da1f72fc836a17db0e6e70ab6afe8b64b26e9b76b822cfeba7e3e2
  • SHA512: dac1f07f0d642ef65e6a12906aa692f6d169fcc276c9d80518c816be4e5273b2de2ebf99f53f07718b2ee65493beded72e1f4448ce826c38b05f1f76d3cc4aa2
  • SSDEEP: 768:Nt2Z0QsCxOmKx0nvbV0TZjrGMMrcXC5O3ocNlID6IsZH0FRAEYLUQt2+KUtDs8nA:avHxOLxuvbEMrcyfSliLb9YBK2hnouy/

Malware Config

Extracted

  • Family: metasploit
  • Version: windows/shell_reverse_tcp
  • C2: 83.204.232.176:44444

Targets

    • Target: fbcd5b3b078c256897f792281c897e4c_JaffaCakes118 (hashes as listed under General above)

    • MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
    • UPX packed file: Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Matrix

Tasks