metasploit | 406d0a6ebc2a0293dc7674de4b359bab7a2454381d5e3c1514d6b93c840dee0f | Triage

Sharing

General

Target

d8b1c6dcd3e6768fc9127ae58f43918f_JaffaCakes118
Size

3.3MB
Sample

240910-v1wlesvhkn
MD5

d8b1c6dcd3e6768fc9127ae58f43918f
SHA1

e72f04654790756ee35717dc22fd9ec6feba5808
SHA256

406d0a6ebc2a0293dc7674de4b359bab7a2454381d5e3c1514d6b93c840dee0f
SHA512

836bef0dabe7b8d98a57acbe67cf70602a70e14351e7f90e8abf2000c579a6273b7263a4363961f363a7c01e4911c6a0c39deec2d7aed95f49e4f45d5193c453
SSDEEP

98304:tQMZyVyGHAeBALgXYRYxKbxabdDkmDduupMes+0kyJ:2BlaPRYXkmIesuy

Score

10^/10

metasploit backdoor discovery pyinstaller trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Targets

- Target
  
  d8b1c6dcd3e6768fc9127ae58f43918f_JaffaCakes118
- Size
  
  3.3MB
- MD5
  
  d8b1c6dcd3e6768fc9127ae58f43918f
- SHA1
  
  e72f04654790756ee35717dc22fd9ec6feba5808
- SHA256
  
  406d0a6ebc2a0293dc7674de4b359bab7a2454381d5e3c1514d6b93c840dee0f
- SHA512
  
  836bef0dabe7b8d98a57acbe67cf70602a70e14351e7f90e8abf2000c579a6273b7263a4363961f363a7c01e4911c6a0c39deec2d7aed95f49e4f45d5193c453
- SSDEEP
  
  98304:tQMZyVyGHAeBALgXYRYxKbxabdDkmDduupMes+0kyJ:2BlaPRYXkmIesuy
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan