metasploit | 05d7309e06e7faadd6cc872df08f7a39ae31c50aad879be2caaca0433c8451f9 | Triage

Sharing

General

Target

88b796c5aeb396b8720dd75c1eb1fb35_JaffaCakes118
Size

182KB
Sample

240811-de1jtawckb
MD5

88b796c5aeb396b8720dd75c1eb1fb35
SHA1

eca0e34fceb991ee73a6ddde1e9d8a460df35665
SHA256

05d7309e06e7faadd6cc872df08f7a39ae31c50aad879be2caaca0433c8451f9
SHA512

5cee6724f9fbf9ccfacf65083e4f3800aa2599bc203622e39258558102f7c64ea2db9c15b2f1ea4da26e64617300b477ca9345ac348bcedb769312df157644a6
SSDEEP

3072:PVA4xtigD6dyzhq+J+y9VusR1enuYbcrBLCfEglYEpw9iTXoeSXndt9sLPGJ:PVAcigeSPD9FR1eTboMMzEG9ibs3dt

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.102.128:4444

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Targets

- Target
  
  88b796c5aeb396b8720dd75c1eb1fb35_JaffaCakes118
- Size
  
  182KB
- MD5
  
  88b796c5aeb396b8720dd75c1eb1fb35
- SHA1
  
  eca0e34fceb991ee73a6ddde1e9d8a460df35665
- SHA256
  
  05d7309e06e7faadd6cc872df08f7a39ae31c50aad879be2caaca0433c8451f9
- SHA512
  
  5cee6724f9fbf9ccfacf65083e4f3800aa2599bc203622e39258558102f7c64ea2db9c15b2f1ea4da26e64617300b477ca9345ac348bcedb769312df157644a6
- SSDEEP
  
  3072:PVA4xtigD6dyzhq+J+y9VusR1enuYbcrBLCfEglYEpw9iTXoeSXndt9sLPGJ:PVAcigeSPD9FR1eTboMMzEG9ibs3dt
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan