metasploit | b94d87580a7cbf0ff7e6001f6856207d14ef31032c11c75237017080d8a650bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0ea5594206f4bbfa2e5357109c5426b9_JaffaCakes118
Size

37KB
Sample

240625-tajy9sygmg
MD5

0ea5594206f4bbfa2e5357109c5426b9
SHA1

efc6c75f6881c4a18ee0e6ad00389a46724383a3
SHA256

b94d87580a7cbf0ff7e6001f6856207d14ef31032c11c75237017080d8a650bd
SHA512

f84691cdd572f3b663dbedb3ea7071f777de594e526272b48d2635144e7a78b1c2ac60213152ef2d44e8574305ce322558aa8d85ef369d62430dca4628735768
SSDEEP

768:0bi45CYPRPupy/LDqFiBUExdcTE/NWHKW4liz6lRZ95x:mBMmRPupy/LW4xNnzh5x

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.1.5:4455

Targets

- Target
  
  0ea5594206f4bbfa2e5357109c5426b9_JaffaCakes118
- Size
  
  37KB
- MD5
  
  0ea5594206f4bbfa2e5357109c5426b9
- SHA1
  
  efc6c75f6881c4a18ee0e6ad00389a46724383a3
- SHA256
  
  b94d87580a7cbf0ff7e6001f6856207d14ef31032c11c75237017080d8a650bd
- SHA512
  
  f84691cdd572f3b663dbedb3ea7071f777de594e526272b48d2635144e7a78b1c2ac60213152ef2d44e8574305ce322558aa8d85ef369d62430dca4628735768
- SSDEEP
  
  768:0bi45CYPRPupy/LDqFiBUExdcTE/NWHKW4liz6lRZ95x:mBMmRPupy/LW4xNnzh5x
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan