metasploit | c9616419c5d61e68d3ff39712bca989a2bd513405a1647a197a27923d9d47bab | Triage

Sharing

General

Target

e363ba07d940dd548488bae620754144_JaffaCakes118
Size

708KB
Sample

240915-1a5djatfrl
MD5

e363ba07d940dd548488bae620754144
SHA1

0629a779e4b0c136a64220cdaf2862eaf1babe5c
SHA256

c9616419c5d61e68d3ff39712bca989a2bd513405a1647a197a27923d9d47bab
SHA512

6ffa4323a4185c46f5d2b68d2ce62726e70146dff6f52eb84adc3e8d222b940b621f691c7712382cd606cc705e45bce2d7e4600785696741b6dd60c5c5c3d7fe
SSDEEP

12288:0hbvakfEMtMwzjxlz83d2EWOWoB04AEOpQmuptkL:0hTakfEMtFzjboB3AVQmQtkL

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  e363ba07d940dd548488bae620754144_JaffaCakes118
- Size
  
  708KB
- MD5
  
  e363ba07d940dd548488bae620754144
- SHA1
  
  0629a779e4b0c136a64220cdaf2862eaf1babe5c
- SHA256
  
  c9616419c5d61e68d3ff39712bca989a2bd513405a1647a197a27923d9d47bab
- SHA512
  
  6ffa4323a4185c46f5d2b68d2ce62726e70146dff6f52eb84adc3e8d222b940b621f691c7712382cd606cc705e45bce2d7e4600785696741b6dd60c5c5c3d7fe
- SSDEEP
  
  12288:0hbvakfEMtMwzjxlz83d2EWOWoB04AEOpQmuptkL:0hTakfEMtFzjboB3AVQmQtkL
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan