metasploit | 4c32657572457ddb49841cc9db8e4914f403688db584976968c6238b047ad5d9 | Triage

Sharing

General

Target

dce57a101c9b8d7c62830d85d4252b0f_JaffaCakes118
Size

23KB
Sample

240912-x3djqszgqc
MD5

dce57a101c9b8d7c62830d85d4252b0f
SHA1

f72d2eb2483b706aed16d728254d47861369c88b
SHA256

4c32657572457ddb49841cc9db8e4914f403688db584976968c6238b047ad5d9
SHA512

2fbb323804e7c1433f5ad8f628ef16d0dfe44879bdbdfcd05928b31498d1dce530566a1ffd08214cc2296cda1236dace4c16a5f9eeb91a3862d43e1af08e72aa
SSDEEP

384:x5bdl16jOY6nO7MryhwArFblp3xb/tDeWXd8c8FcY8Qt7wY8ofaqz15ZR:X31+WqT3h7XgcYbEYKa

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.5.34:443

Targets

- Target
  
  dce57a101c9b8d7c62830d85d4252b0f_JaffaCakes118
- Size
  
  23KB
- MD5
  
  dce57a101c9b8d7c62830d85d4252b0f
- SHA1
  
  f72d2eb2483b706aed16d728254d47861369c88b
- SHA256
  
  4c32657572457ddb49841cc9db8e4914f403688db584976968c6238b047ad5d9
- SHA512
  
  2fbb323804e7c1433f5ad8f628ef16d0dfe44879bdbdfcd05928b31498d1dce530566a1ffd08214cc2296cda1236dace4c16a5f9eeb91a3862d43e1af08e72aa
- SSDEEP
  
  384:x5bdl16jOY6nO7MryhwArFblp3xb/tDeWXd8c8FcY8Qt7wY8ofaqz15ZR:X31+WqT3h7XgcYbEYKa
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan