metasploit | 460a82fb2b9bfbe8b3eef6f18d7d3dc6fad28df72bb3c028600fc98077dbe68b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87481df9c9aac34e82309f6f7e03ec69_JaffaCakes118
Size

972KB
Sample

240810-xpgdgatakq
MD5

87481df9c9aac34e82309f6f7e03ec69
SHA1

2a20735f9578138c16395e914230a4ba061295bf
SHA256

460a82fb2b9bfbe8b3eef6f18d7d3dc6fad28df72bb3c028600fc98077dbe68b
SHA512

1443171e1b236c58db03857a0de0c321f7fb62b1de8a205d2fff40847a917f2803441aceac1ec44f06c6551591ac58cb4ef7fa147207a1e7c19df5033373e2e0
SSDEEP

24576:ve7UcqiLnJWlGcmJ2TrBMvJfdwsJ/Xonp/SO/D5Ob/a:v3+J2TrBMRfwp/SO/NOW

Score

10^/10

metasploit backdoor discovery persistence trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  87481df9c9aac34e82309f6f7e03ec69_JaffaCakes118
- Size
  
  972KB
- MD5
  
  87481df9c9aac34e82309f6f7e03ec69
- SHA1
  
  2a20735f9578138c16395e914230a4ba061295bf
- SHA256
  
  460a82fb2b9bfbe8b3eef6f18d7d3dc6fad28df72bb3c028600fc98077dbe68b
- SHA512
  
  1443171e1b236c58db03857a0de0c321f7fb62b1de8a205d2fff40847a917f2803441aceac1ec44f06c6551591ac58cb4ef7fa147207a1e7c19df5033373e2e0
- SSDEEP
  
  24576:ve7UcqiLnJWlGcmJ2TrBMvJfdwsJ/Xonp/SO/D5Ob/a:v3+J2TrBMRfwp/SO/NOW
Score

10^/10

metasploit backdoor discovery trojan persistence
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Sets service image path in registry
  persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverypersistencetrojan