metasploit | 495977a318a8c209625270ede9a2f3a182e4ccfb745b5155a8d8e1e8a4a32f21 | Triage

Sharing

General

Target

dc0ac9d4b8ef600c120f7c3b38b6b795_JaffaCakes118
Size

72KB
Sample

240912-hza7waxcrm
MD5

dc0ac9d4b8ef600c120f7c3b38b6b795
SHA1

b07273210fe1892dcf3162c4073d061555bdc721
SHA256

495977a318a8c209625270ede9a2f3a182e4ccfb745b5155a8d8e1e8a4a32f21
SHA512

5f6657dd51bf07479b993ff202ba66ab2059704b09cb20ceb34c83ae82c139b7637749d5659297ccd6cd8457957c8309c6b0260770fe629539200ff50bf382dc
SSDEEP

1536:IeDQlDQXOYKjW+VT3hXjc2qmFZF9VZdHF2x/2Mb+KR0Nc8QsJq39:1DsDQX8jdVT3hXjc2qcD9VflFe0Nc8Qb

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

172.26.33.244:5353

Targets

- Target
  
  dc0ac9d4b8ef600c120f7c3b38b6b795_JaffaCakes118
- Size
  
  72KB
- MD5
  
  dc0ac9d4b8ef600c120f7c3b38b6b795
- SHA1
  
  b07273210fe1892dcf3162c4073d061555bdc721
- SHA256
  
  495977a318a8c209625270ede9a2f3a182e4ccfb745b5155a8d8e1e8a4a32f21
- SHA512
  
  5f6657dd51bf07479b993ff202ba66ab2059704b09cb20ceb34c83ae82c139b7637749d5659297ccd6cd8457957c8309c6b0260770fe629539200ff50bf382dc
- SSDEEP
  
  1536:IeDQlDQXOYKjW+VT3hXjc2qmFZF9VZdHF2x/2Mb+KR0Nc8QsJq39:1DsDQX8jdVT3hXjc2qcD9VflFe0Nc8Qb
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan