metasploit | e46763ad3d59f6e805782cf5a3a15cbda61ef2ac1ad36196ef4e2c9c3a9197ec | Triage

Sharing

General

Target

aa97d13d14002736cdfcf84995bef320_JaffaCakes118
Size

76KB
Sample

240819-l65lva1fml
MD5

aa97d13d14002736cdfcf84995bef320
SHA1

0a40ac30f7018faea243790603e2b0def2917556
SHA256

e46763ad3d59f6e805782cf5a3a15cbda61ef2ac1ad36196ef4e2c9c3a9197ec
SHA512

44deb3a226dba1827f20e7c397061e3f1666cb1d0be8a9d8ae387bf8ac5d2f7cfd3d9c7084699cffd87efc05e07f38d58946c50daa14645878e0a1343fa21cb8
SSDEEP

1536:zqfLUAglYLjt4IrCs2C7Oxy5roZBWbihfv:zKLRt4IrccS4oXWbWfv

Score

10^/10

metasploit discovery

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  aa97d13d14002736cdfcf84995bef320_JaffaCakes118
- Size
  
  76KB
- MD5
  
  aa97d13d14002736cdfcf84995bef320
- SHA1
  
  0a40ac30f7018faea243790603e2b0def2917556
- SHA256
  
  e46763ad3d59f6e805782cf5a3a15cbda61ef2ac1ad36196ef4e2c9c3a9197ec
- SHA512
  
  44deb3a226dba1827f20e7c397061e3f1666cb1d0be8a9d8ae387bf8ac5d2f7cfd3d9c7084699cffd87efc05e07f38d58946c50daa14645878e0a1343fa21cb8
- SSDEEP
  
  1536:zqfLUAglYLjt4IrCs2C7Oxy5roZBWbihfv:zKLRt4IrccS4oXWbWfv
Score

8^/10

discovery
- Drops file in Drivers directory
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2