metasploit | b17353e092130a786272a0ddb67efdb57433cc9e9e21484d8da25819a38fa1c5

Analysis

max time kernel
141s
max time network
147s
platform
windows10-2004_x64
resource
win10v2004-20240419-en
resource tags

arch:x64arch:x86image:win10v2004-20240419-enlocale:en-usos:windows10-2004-x64system
submitted
28-04-2024 13:37

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

054e8e13fc81cb1c8cdb1665296903c6_JaffaCakes118.exe
Size

386KB
MD5

054e8e13fc81cb1c8cdb1665296903c6
SHA1

330c47624f66faf2b9d59488267207efde60f717
SHA256

b17353e092130a786272a0ddb67efdb57433cc9e9e21484d8da25819a38fa1c5
SHA512

004bd6777b401c183c8ba2ae97870a22a90af3946e09c9ecf722c160f3c11fa742781c3d1e7a257e73a08091ea700fd62cfc8bf9806f701c6f116e4edb8b9fce
SSDEEP

6144:Fqq8I/1MWYWqEumz3MW56SacW2yxilWqtCTVttA/:npqcHVLnAli5AdTvC

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_http

http://47.240.20.130:8888/fru28IjpYz7Rq9Cqj7YSKAJVdAdbsBEHMrMUwWD301GdKCtNaK7HsieIa14lxrYb9PWuD0K_al0o42UJaYm5y-8_W1e9zWA2RrQpAAc7EsxJLANa76Vlsh3XifDYTWYxT9zFDNJlZVxQWlGsgRw_Tokn_XNSSHWja_0AANEOYnZrUm9HRJ1HaV0YHYGJyQt

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit

C:\Users\Admin\AppData\Local\Temp\054e8e13fc81cb1c8cdb1665296903c6_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\054e8e13fc81cb1c8cdb1665296903c6_JaffaCakes118.exe"
1⤵
PID:3808

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/3808-0-0x0000000000400000-0x0000000000466000-memory.dmp

Filesize
408KB

Download