metasploit | 582e1f591cac39d4158a1e772176b9ec3bf9a6c9bf7e9d39b96724c63954e6dd | Triage

Sharing

General

Target

e5748b60eb6eb72882c02ff6fd119983_JaffaCakes118
Size

150KB
Sample

240916-x7zb1awclm
MD5

e5748b60eb6eb72882c02ff6fd119983
SHA1

7945e34394f20de08471cc616beecd015131e9cb
SHA256

582e1f591cac39d4158a1e772176b9ec3bf9a6c9bf7e9d39b96724c63954e6dd
SHA512

5a219f69c45e23ff072a70fa5e5d413eccb85e728161f09eceb7f59790a169583fe3eaead1689c130e817426b97d2abef5eceea2b3b16654234f44de28c01161
SSDEEP

3072:HJQj/azF8FdRMZfoN62wLN6csHVOcoDJYoOxfvtM0k+4zPu4JMkLPpSLd:HJQGad+foNHmoXV8JgM7+4zLJMoPod

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  e5748b60eb6eb72882c02ff6fd119983_JaffaCakes118
- Size
  
  150KB
- MD5
  
  e5748b60eb6eb72882c02ff6fd119983
- SHA1
  
  7945e34394f20de08471cc616beecd015131e9cb
- SHA256
  
  582e1f591cac39d4158a1e772176b9ec3bf9a6c9bf7e9d39b96724c63954e6dd
- SHA512
  
  5a219f69c45e23ff072a70fa5e5d413eccb85e728161f09eceb7f59790a169583fe3eaead1689c130e817426b97d2abef5eceea2b3b16654234f44de28c01161
- SSDEEP
  
  3072:HJQj/azF8FdRMZfoN62wLN6csHVOcoDJYoOxfvtM0k+4zPu4JMkLPpSLd:HJQGad+foNHmoXV8JgM7+4zLJMoPod
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan