metasploit | c6d32aa42367461bbf30392751a11a894b24afdf53727efcdd21233c798cf1e7 | Triage

Sharing

General

Target

fd8918c67d99f1c54e592b5fe79cd104_JaffaCakes118
Size

72KB
Sample

240420-ytn5jsgf39
MD5

fd8918c67d99f1c54e592b5fe79cd104
SHA1

9a10e9981c1e4c75c5a9b5253bd86d9057cc4fcf
SHA256

c6d32aa42367461bbf30392751a11a894b24afdf53727efcdd21233c798cf1e7
SHA512

9f6bc37aca37be6404ba348193608e8f3282a3ca2d879c40d2b467828c7300f0c63156da7e0cc21acff0cfd646ad09ed0ca4b3c0546f35925768ad7c340f9b81
SSDEEP

1536:IN/ukRRX3Y/S2SF8TuySzzWMenMb+KR0Nc8QsJq39:y2iRXzWTd1ne0Nc8QsC9

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/exec

Targets

- Target
  
  fd8918c67d99f1c54e592b5fe79cd104_JaffaCakes118
- Size
  
  72KB
- MD5
  
  fd8918c67d99f1c54e592b5fe79cd104
- SHA1
  
  9a10e9981c1e4c75c5a9b5253bd86d9057cc4fcf
- SHA256
  
  c6d32aa42367461bbf30392751a11a894b24afdf53727efcdd21233c798cf1e7
- SHA512
  
  9f6bc37aca37be6404ba348193608e8f3282a3ca2d879c40d2b467828c7300f0c63156da7e0cc21acff0cfd646ad09ed0ca4b3c0546f35925768ad7c340f9b81
- SSDEEP
  
  1536:IN/ukRRX3Y/S2SF8TuySzzWMenMb+KR0Nc8QsJq39:y2iRXzWTd1ne0Nc8QsC9
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Grants admin privileges
  Uses net.exe to modify the user's privileges.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Account Manipulation

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan