metasploit | 19a7cf59b12637f798a978c6b1a0a9c764434731be253671bc5cbc1d28eb34f8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

72074380bf8cd8ec7e5477c6d9b7b858_JaffaCakes118
Size

75KB
Sample

240726-blympazeld
MD5

72074380bf8cd8ec7e5477c6d9b7b858
SHA1

30d6371befd18fa32c428f31576a83d8c3c77f08
SHA256

19a7cf59b12637f798a978c6b1a0a9c764434731be253671bc5cbc1d28eb34f8
SHA512

309ca82a5eeafa68080baaa40dab7217b80cad931e3f33e4e161fcd039a8158984244e8ecc9d4a2d9989a75552026cce775d41406a5eb5c132ff7b36f0be57e4
SSDEEP

1536:J5sc375Ab4EBanICQFuIiyd6gWHpkeaPRAER:Jp5wfCQF92HpkeWp

Score

10^/10

metasploit backdoor discovery evasion trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  72074380bf8cd8ec7e5477c6d9b7b858_JaffaCakes118
- Size
  
  75KB
- MD5
  
  72074380bf8cd8ec7e5477c6d9b7b858
- SHA1
  
  30d6371befd18fa32c428f31576a83d8c3c77f08
- SHA256
  
  19a7cf59b12637f798a978c6b1a0a9c764434731be253671bc5cbc1d28eb34f8
- SHA512
  
  309ca82a5eeafa68080baaa40dab7217b80cad931e3f33e4e161fcd039a8158984244e8ecc9d4a2d9989a75552026cce775d41406a5eb5c132ff7b36f0be57e4
- SSDEEP
  
  1536:J5sc375Ab4EBanICQFuIiyd6gWHpkeaPRAER:Jp5wfCQF92HpkeWp
Score

10^/10

metasploit backdoor discovery evasion trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Modifies firewall policy service
  evasion
- Modifies security service
  evasion
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Network Share Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoveryevasiontrojan

behavioral2

metasploitbackdoordiscoveryevasiontrojan