metasploit | 4c1b69b8968e414441b958da34abb395827897813f7b6266879edcc6bf861c20 | Triage

Sharing

General

Target

fe66ef0120cf1e055375176cfd9ce553_JaffaCakes118
Size

2.8MB
Sample

240421-esbchsba5t
MD5

fe66ef0120cf1e055375176cfd9ce553
SHA1

777fe58e6eb7953260d716448999cb21328786ff
SHA256

4c1b69b8968e414441b958da34abb395827897813f7b6266879edcc6bf861c20
SHA512

80c0becc479d324a5ca3d059d825b4cd37acc4bf82cf5bf424b0fafecec40bec3cc0db959dc2af0414d5a131e733229c73fa82f44db11977f19367b5322c27ec
SSDEEP

49152:/DYbrSAAKDa+atngl9dLA8Y6ZX5c/yhFlq2d0MzjkxwF:/GZatnS9dLAEZX5cqh+2d0MzjkxwF

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.23.131:4455

Targets

- Target
  
  fe66ef0120cf1e055375176cfd9ce553_JaffaCakes118
- Size
  
  2.8MB
- MD5
  
  fe66ef0120cf1e055375176cfd9ce553
- SHA1
  
  777fe58e6eb7953260d716448999cb21328786ff
- SHA256
  
  4c1b69b8968e414441b958da34abb395827897813f7b6266879edcc6bf861c20
- SHA512
  
  80c0becc479d324a5ca3d059d825b4cd37acc4bf82cf5bf424b0fafecec40bec3cc0db959dc2af0414d5a131e733229c73fa82f44db11977f19367b5322c27ec
- SSDEEP
  
  49152:/DYbrSAAKDa+atngl9dLA8Y6ZX5c/yhFlq2d0MzjkxwF:/GZatnS9dLAEZX5cqh+2d0MzjkxwF
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan