metasploit | 2675dc0584def68a00997663af7bd279e2f5ce74278eb9c73e89d2c55c8f8c08 | Triage

Sharing

General

Target

d78f247cf06c29fc9a3afc1ef3e999fa_JaffaCakes118
Size

47KB
Sample

240910-elpxbswcjm
MD5

d78f247cf06c29fc9a3afc1ef3e999fa
SHA1

c131f960d94b45b96e914ec65730966b4c5ccf16
SHA256

2675dc0584def68a00997663af7bd279e2f5ce74278eb9c73e89d2c55c8f8c08
SHA512

8b3abb13b47360b99a2f9a5abcd0231cafdf03a6a86fcce76cd00953f5484b6db9f4be38d2d496928515fdce68c5e580d6f64b7dacd0c6b8145775ff0cc173fd
SSDEEP

768:IKMx/gL4Dsewsjv7GkUm2qGISar6+/5uVNFlNbqYebHpoeHAw2GSfGiq3:I9xILwNUmPsar6/XlIb7Aw2RGiq3

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://199.204.215.60:443/Ff7y

Targets

- Target
  
  d78f247cf06c29fc9a3afc1ef3e999fa_JaffaCakes118
- Size
  
  47KB
- MD5
  
  d78f247cf06c29fc9a3afc1ef3e999fa
- SHA1
  
  c131f960d94b45b96e914ec65730966b4c5ccf16
- SHA256
  
  2675dc0584def68a00997663af7bd279e2f5ce74278eb9c73e89d2c55c8f8c08
- SHA512
  
  8b3abb13b47360b99a2f9a5abcd0231cafdf03a6a86fcce76cd00953f5484b6db9f4be38d2d496928515fdce68c5e580d6f64b7dacd0c6b8145775ff0cc173fd
- SSDEEP
  
  768:IKMx/gL4Dsewsjv7GkUm2qGISar6+/5uVNFlNbqYebHpoeHAw2GSfGiq3:I9xILwNUmPsar6/XlIb7Aw2RGiq3
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan