General

  • Target

    d85cdca1703ca6ae1b40535f29403115_JaffaCakes118

  • Size

    184KB

  • Sample

    240910-rlzsraxcjk

  • MD5

    d85cdca1703ca6ae1b40535f29403115

  • SHA1

    b5746b1675744380630df9ad2f9c3956860a9dd4

  • SHA256

    c9240444f67f6ca2caab12e8b40e8e1bcf4698424d5bfc07d58ea0a933d4d1d6

  • SHA512

    04c5d60e9acc4f626e3dc65bdc74474438999e930208ad57434c651651c9e2deee84ef868eaeb9e69514ef8451758cf2492fecd397fc398fd0c743bf1ed476ef

  • SSDEEP

    1536:ZVGLWP/qwyrRrqaS25N4khijKp9RyKn5r4vUS3m5bzp5:3GLWnDyNrbhioWK5svUS3m5bzp5

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

89.216.161.89:5500
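
The C2 above is recoverable from the payload itself: Metasploit's reverse_tcp stagers build the `sockaddr_in` for the connect-back with immediate operands (on x86, `push <ip>` followed by `push <AF_INET | port>`; on x64, a single `mov r14, imm64` holding the whole struct), so the address and port sit in clear text once the shellcode is decoded. The extractor below is an added example written for this page, not the sandbox's own extractor or Metasploit code. It assumes the instruction encodings from Metasploit's `block_reverse_tcp.asm` (x86: `68 ip ip ip ip 68 02 00 pp pp`; x64: `49 BE 02 00 pp pp ip ip ip ip`, port in network byte order) and runs over a constructed buffer that mimics the x86 stager around those pushes, filled with the report's 89.216.161.89:5500; it is not bytes from the sample. It goes slightly beyond the page's x86 payload by also matching the x64 layout.

```python
"""Locate the hard-coded C2 of a Metasploit reverse_tcp payload.

Added example for this report; not the sandbox's extractor and not Metasploit code.
Patterns assume the sockaddr_in setup in Metasploit's block_reverse_tcp.asm.
"""
import ipaddress
import re
import struct
from typing import List, Tuple

# x86 block_reverse_tcp.asm builds the sockaddr_in with two pushes, e.g.:
#   push 0x0100007F   ; 68 7F 00 00 01   -> bytes in address order = 127.0.0.1
#   push 0x5C110002   ; 68 02 00 11 5C   -> sin_family=2 (AF_INET), sin_port=0x115C (4444)
X86_SOCKADDR_RE = re.compile(
    rb"\x68(?P<ip>[\x00-\xff]{4})\x68\x02\x00(?P<port>[\x00-\xff]{2})")

# x64 block_reverse_tcp.asm packs the same struct into one register (assumed layout):
#   mov r14, 0x0100007F5C110002   ; 49 BE 02 00 11 5C 7F 00 00 01
X64_SOCKADDR_RE = re.compile(
    rb"\x49\xbe\x02\x00(?P<port>[\x00-\xff]{2})(?P<ip>[\x00-\xff]{4})")


def extract_reverse_tcp_c2(blob: bytes) -> List[Tuple[str, str, int]]:
    """Return (arch, ip, port) for every reverse_tcp sockaddr_in pattern in blob."""
    hits = []
    for arch, pattern in (("x86", X86_SOCKADDR_RE), ("x64", X64_SOCKADDR_RE)):
        for m in pattern.finditer(blob):
            ip = str(ipaddress.IPv4Address(m.group("ip")))
            port = struct.unpack(">H", m.group("port"))[0]  # sin_port is big-endian
            if port == 0:
                continue  # an unset sockaddr is not a usable C2
            hits.append((arch, ip, port))
    return hits


# Constructed test input (NOT bytes from the sample on this page): the x86
# stager instructions around the sockaddr pushes, padded with NOPs, carrying
# the C2 from the report.
CONSTRUCTED_X86 = (
    b"\x90" * 16
    + b"\x6a\x0a"                 # push 10          (retry count)
    + b"\x6a\x00\x6a\x00"         # push 0; push 0   (sin_zero)
    + b"\x68\x59\xd8\xa1\x59"     # push 0x59A1D859  -> 89.216.161.89
    + b"\x68\x02\x00\x15\x7c"     # push 0x7C150002  -> AF_INET, port 0x157C = 5500
    + b"\x89\xe6"                 # mov esi, esp     (pointer to sockaddr_in)
    + b"\x90" * 16
)

# Same C2 in the x64 single-register form (constructed).
CONSTRUCTED_X64 = b"\x90" * 8 + b"\x49\xbe\x02\x00\x15\x7c\x59\xd8\xa1\x59" + b"\x90" * 8


if __name__ == "__main__":
    for name, buf in (("x86 sample", CONSTRUCTED_X86), ("x64 sample", CONSTRUCTED_X64)):
        for arch, ip, port in extract_reverse_tcp_c2(buf):
            print(f"{name}: {arch} reverse_tcp C2 {ip}:{port}")
```

Run it against the decoded payload (a process memory dump, or the raw shellcode carved out of the EXE template); an encoder such as shikata_ga_nai hides the pattern in the on-disk file, which is why sandboxes extract the config from memory rather than from the static sample.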

Targets

    • Target

      d85cdca1703ca6ae1b40535f29403115_JaffaCakes118

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

MITRE ATT&CK Enterprise v15

Tasks