metasploit | 9fcab590c22d5762448ed23f4d5f7a3326372a8a563cabb852c94eaa946d5c66 | Triage

Sharing

General

Target

dde4de35f08566c2b9da2567df4b56f0_JaffaCakes118
Size

22KB
Sample

240913-hlw77azcnl
MD5

dde4de35f08566c2b9da2567df4b56f0
SHA1

3eadffdaa7b378a9c8d93ebdb9f3b915eee191e9
SHA256

9fcab590c22d5762448ed23f4d5f7a3326372a8a563cabb852c94eaa946d5c66
SHA512

2775c894e6827c8bfb909a1f9affe98cc7960ebba82e510117a346515f4f836f29c46e1b8012c6c48a5e2d3f4001ff9a7134e75a5e7ad3695f13904b91f816b6
SSDEEP

192:FysHThCHwGTgRqP81XblvkyGV2/6BvvwpOHPr3vPBqf8TvEFhI0KCMFY:zCHta7vkyNyhY+Pr38AMnlxl

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.1.254:5555

Targets

- Target
  
  dde4de35f08566c2b9da2567df4b56f0_JaffaCakes118
- Size
  
  22KB
- MD5
  
  dde4de35f08566c2b9da2567df4b56f0
- SHA1
  
  3eadffdaa7b378a9c8d93ebdb9f3b915eee191e9
- SHA256
  
  9fcab590c22d5762448ed23f4d5f7a3326372a8a563cabb852c94eaa946d5c66
- SHA512
  
  2775c894e6827c8bfb909a1f9affe98cc7960ebba82e510117a346515f4f836f29c46e1b8012c6c48a5e2d3f4001ff9a7134e75a5e7ad3695f13904b91f816b6
- SSDEEP
  
  192:FysHThCHwGTgRqP81XblvkyGV2/6BvvwpOHPr3vPBqf8TvEFhI0KCMFY:zCHta7vkyNyhY+Pr38AMnlxl
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan