metasploit | 3ea5981de2eaf0a7151d71ce8972ba9e69f29211411c5dff54531c817be21bad | Triage

Submit
Reports

Overview

overview

Static

static

7

da87ff2e88...18.exe

windows7-x64

da87ff2e88...18.exe

windows10-2004-x64

Sharing

General

Target

da87ff2e885ba64482bdea058dce5f47_JaffaCakes118
Size

125KB
Sample

240911-rmwgqavhjb
MD5

da87ff2e885ba64482bdea058dce5f47
SHA1

46365b0e39b51d4b3a45d80f9ad04a694c8b7377
SHA256

3ea5981de2eaf0a7151d71ce8972ba9e69f29211411c5dff54531c817be21bad
SHA512

3cd86b9372bf08125798261e85737835dadd229a4a4a085fb9666810cce91cead499c95a17c691b83406446947f994a36bb45f84367592bc868679aab7a3d276
SSDEEP

3072:GWR+QqVQMsdYAEJZ/1o97LDIGHZIsdEMOTazZyF:GC+QrAty7LMPMFzZy

Score

10^/10

metasploit backdoor discovery trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

da87ff2e885ba64482bdea058dce5f47_JaffaCakes118.exe

Resource

win7-20240903-en

metasploit backdoor discovery trojan upx

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

da87ff2e885ba64482bdea058dce5f47_JaffaCakes118.exe

Resource

win10v2004-20240802-en

metasploit backdoor discovery trojan upx

windows10-2004-x64

6 signatures

150 seconds

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  da87ff2e885ba64482bdea058dce5f47_JaffaCakes118
- Size
  
  125KB
- MD5
  
  da87ff2e885ba64482bdea058dce5f47
- SHA1
  
  46365b0e39b51d4b3a45d80f9ad04a694c8b7377
- SHA256
  
  3ea5981de2eaf0a7151d71ce8972ba9e69f29211411c5dff54531c817be21bad
- SHA512
  
  3cd86b9372bf08125798261e85737835dadd229a4a4a085fb9666810cce91cead499c95a17c691b83406446947f994a36bb45f84367592bc868679aab7a3d276
- SSDEEP
  
  3072:GWR+QqVQMsdYAEJZ/1o97LDIGHZIsdEMOTazZyF:GC+QrAty7LMPMFzZy
Score

10^/10

metasploit backdoor discovery trojan upx
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojanupx

behavioral2

metasploitbackdoordiscoverytrojanupx

© 2018-2025

Terms | Privacy