metasploit | fec7ac144cceeecaf12ca5ed7258bb20e3fe64cbd9db191241956ad0372af2e5 | Triage

Sharing

General

Target

c77b40c61bd46d518f8e7f0542e420d9_JaffaCakes118
Size

820KB
Sample

240828-xyabhs1gla
MD5

c77b40c61bd46d518f8e7f0542e420d9
SHA1

9275940eae470cd25f79aa04fcb18912989ddd76
SHA256

fec7ac144cceeecaf12ca5ed7258bb20e3fe64cbd9db191241956ad0372af2e5
SHA512

4f1a14b8bf46a6c7bc32dca838b348be33b5c6dda62af890347dc072f79c1539fb3dbe4e73209364365f4d1eb8685dc569b649a6307f7232ca6c1573eb237648
SSDEEP

3072:VAIJPZgN3dG/Np+ahhFI+6iNkoYn+jofzk:VAIJ6dG14aWoBY+s4

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://217.12.218.199:80/JmXM

Attributes

headers User-Agent: Mozilla/5.0 (compatible, MSIE 11, Windows NT 6.3; Trident/7.0; rv:11.0) like Gecko

Targets

- Target
  
  c77b40c61bd46d518f8e7f0542e420d9_JaffaCakes118
- Size
  
  820KB
- MD5
  
  c77b40c61bd46d518f8e7f0542e420d9
- SHA1
  
  9275940eae470cd25f79aa04fcb18912989ddd76
- SHA256
  
  fec7ac144cceeecaf12ca5ed7258bb20e3fe64cbd9db191241956ad0372af2e5
- SHA512
  
  4f1a14b8bf46a6c7bc32dca838b348be33b5c6dda62af890347dc072f79c1539fb3dbe4e73209364365f4d1eb8685dc569b649a6307f7232ca6c1573eb237648
- SSDEEP
  
  3072:VAIJPZgN3dG/Np+ahhFI+6iNkoYn+jofzk:VAIJ6dG14aWoBY+s4
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan