metasploit | 409e1be5fb129f97eaecf11df3d6bb103e9d1c75e9bc4faca38f7dfc456f0127 | Triage

Sharing

General

Target

dafa6e66ab561fec8b16d01776e67b33_JaffaCakes118
Size

4KB
Sample

240911-w7lv8swfne
MD5

dafa6e66ab561fec8b16d01776e67b33
SHA1

687c1de0c691a60748256a238d13bdfcbbaba7e1
SHA256

409e1be5fb129f97eaecf11df3d6bb103e9d1c75e9bc4faca38f7dfc456f0127
SHA512

a89cc12102d02a55a7808a4872d543de23f152a5820ca0fceb7546ae9dd40b55576de9692119d7c020e101267fbaf561af8d90c9495a194f476fea08de6436c6
SSDEEP

48:6/iS4V4MZtzBRQLMgF9dfnofG+54E9+YxsRGwapVRhrls6+aR6Xi6lqtGLdpBY2:+XAtzbQgu9dPG5DNxc9apbJBR6qtGrD

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp_allports

C2

193.34.2.1:10004

Targets

- Target
  
  dafa6e66ab561fec8b16d01776e67b33_JaffaCakes118
- Size
  
  4KB
- MD5
  
  dafa6e66ab561fec8b16d01776e67b33
- SHA1
  
  687c1de0c691a60748256a238d13bdfcbbaba7e1
- SHA256
  
  409e1be5fb129f97eaecf11df3d6bb103e9d1c75e9bc4faca38f7dfc456f0127
- SHA512
  
  a89cc12102d02a55a7808a4872d543de23f152a5820ca0fceb7546ae9dd40b55576de9692119d7c020e101267fbaf561af8d90c9495a194f476fea08de6436c6
- SSDEEP
  
  48:6/iS4V4MZtzBRQLMgF9dfnofG+54E9+YxsRGwapVRhrls6+aR6Xi6lqtGLdpBY2:+XAtzbQgu9dPG5DNxc9apbJBR6qtGrD
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan