metasploit | dc99ab8a751822968ea71ed15a5a3fd3c862ea480b8f27fd20553c4ec7b8d5a9 | Triage

Submit
Reports

Overview

overview

Static

static

7

ff09ab8828...18.exe

windows7-x64

ff09ab8828...18.exe

windows10-2004-x64

1

Sharing

General

Target

ff09ab8828171b1151dce2fed79db6ec_JaffaCakes118
Size

476KB
Sample

240421-l5qrasge47
MD5

ff09ab8828171b1151dce2fed79db6ec
SHA1

2842c881a50133a80c39bff32957725065f365fd
SHA256

dc99ab8a751822968ea71ed15a5a3fd3c862ea480b8f27fd20553c4ec7b8d5a9
SHA512

34ef631b71d623f76a696cf8236725899aaf1b0f48a0a2942442f697751013a04b99257230133c59c7b6146e102424e8fba6a8a73ec92ad84e55dcc831a14854
SSDEEP

12288:aeJg3Stp4Bn+laUoW/6cOce8uhroZPXPQO:jJg3SYd+laUdOce8uV6QO

Score

10^/10

metasploit backdoor themida trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

ff09ab8828171b1151dce2fed79db6ec_JaffaCakes118.exe

Resource

win7-20240221-en

metasploit backdoor themida trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

ff09ab8828171b1151dce2fed79db6ec_JaffaCakes118.exe

Resource

win10v2004-20240412-en

windows10-2004-x64

0 signatures

150 seconds

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  ff09ab8828171b1151dce2fed79db6ec_JaffaCakes118
- Size
  
  476KB
- MD5
  
  ff09ab8828171b1151dce2fed79db6ec
- SHA1
  
  2842c881a50133a80c39bff32957725065f365fd
- SHA256
  
  dc99ab8a751822968ea71ed15a5a3fd3c862ea480b8f27fd20553c4ec7b8d5a9
- SHA512
  
  34ef631b71d623f76a696cf8236725899aaf1b0f48a0a2942442f697751013a04b99257230133c59c7b6146e102424e8fba6a8a73ec92ad84e55dcc831a14854
- SSDEEP
  
  12288:aeJg3Stp4Bn+laUoW/6cOce8uhroZPXPQO:jJg3SYd+laUdOce8uV6QO
Score

10^/10

metasploit backdoor themida trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Deletes itself
- Themida packer
  Detects Themida, an advanced Windows software protection system.
  themida
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

metasploitbackdoorthemidatrojan

behavioral2

© 2018-2024

Terms | Privacy