metasploit | 9471fe7cdfa2a3bdb4e6cb98b1a54ffa45c059db47a4b3b0875b04f9fb967652 | Triage

Sharing

General

Target

dc92098fed3f3bd811855c23d7590259_JaffaCakes118
Size

19KB
Sample

240912-thbmvssgmm
MD5

dc92098fed3f3bd811855c23d7590259
SHA1

91e47896c6e48bc49173ae16fcb5e7d00f4aa91b
SHA256

9471fe7cdfa2a3bdb4e6cb98b1a54ffa45c059db47a4b3b0875b04f9fb967652
SHA512

2964adb2b05eaaa0ab114e749b24da3123b662a163072bedee8462d6466c65eda46fe8f8327ca66f7cde9cc9f1820ab99f0c8328b2d3cecfef63b51e5917809f
SSDEEP

384:cAyFOFwVfmTQ86AHpFh0h4xdeD3Ie9X760vFbQUK3XnE/4ZrKG72WEg:cT8F3TQZAHFa4xU3VLaHtZrKG7BEg

Score

10^/10

metasploit backdoor execution trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://azurlink.net:443/tempur-pedic/tempur-ergo-adjustable-base/mfi134086.html

Targets

- Target
  
  dc92098fed3f3bd811855c23d7590259_JaffaCakes118
- Size
  
  19KB
- MD5
  
  dc92098fed3f3bd811855c23d7590259
- SHA1
  
  91e47896c6e48bc49173ae16fcb5e7d00f4aa91b
- SHA256
  
  9471fe7cdfa2a3bdb4e6cb98b1a54ffa45c059db47a4b3b0875b04f9fb967652
- SHA512
  
  2964adb2b05eaaa0ab114e749b24da3123b662a163072bedee8462d6466c65eda46fe8f8327ca66f7cde9cc9f1820ab99f0c8328b2d3cecfef63b51e5917809f
- SSDEEP
  
  384:cAyFOFwVfmTQ86AHpFh0h4xdeD3Ie9X760vFbQUK3XnE/4ZrKG72WEg:cT8F3TQZAHFa4xU3VLaHtZrKG7BEg
Score

10^/10

metasploit backdoor execution trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

JavaScript

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoorexecutiontrojan

behavioral2

metasploitbackdoorexecutiontrojan