metasploit | 494baf8c1c12a64caac81dd77e80654f3ff4b902708c8c89ad9043bbd5bf2873 | Triage

Sharing

General

Target

893108c6b682075f0ae939b6d302540e_JaffaCakes118
Size

184KB
Sample

240811-gbd37a1ejf
MD5

893108c6b682075f0ae939b6d302540e
SHA1

9efeac56acd773abbcef8623a84cf3db67d0a51a
SHA256

494baf8c1c12a64caac81dd77e80654f3ff4b902708c8c89ad9043bbd5bf2873
SHA512

ac9a38c1a79a874ce18bb5bbeccdb10fdc256bc6719516ee4560d464442ff46e630cafa6672a40c7c02e7adb4548b448b7fb3f1bb47e418cdbd77c3ed0ccc8b6
SSDEEP

1536:xVGLWP/qwyrRrqaS25N4khijKp9RyKn5rpvUS3h5bzp5:vGLWnDyNrbhioWK5VvUS3h5bzp5

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

89.216.161.89:5500

Targets

- Target
  
  893108c6b682075f0ae939b6d302540e_JaffaCakes118
- Size
  
  184KB
- MD5
  
  893108c6b682075f0ae939b6d302540e
- SHA1
  
  9efeac56acd773abbcef8623a84cf3db67d0a51a
- SHA256
  
  494baf8c1c12a64caac81dd77e80654f3ff4b902708c8c89ad9043bbd5bf2873
- SHA512
  
  ac9a38c1a79a874ce18bb5bbeccdb10fdc256bc6719516ee4560d464442ff46e630cafa6672a40c7c02e7adb4548b448b7fb3f1bb47e418cdbd77c3ed0ccc8b6
- SSDEEP
  
  1536:xVGLWP/qwyrRrqaS25N4khijKp9RyKn5rpvUS3h5bzp5:vGLWnDyNrbhioWK5VvUS3h5bzp5
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan