metasploit | 5149454cb5fefd4c6e3952a4bf60ec41002613f910edd58eccf6415c78f065ae | Triage

Sharing

General

Target

e7d766ed2949880f8c0c964595dbec36_JaffaCakes118
Size

27KB
Sample

240917-2pgfpayhpj
MD5

e7d766ed2949880f8c0c964595dbec36
SHA1

b30e9535a7a1bc8894d69d52112e1dcadb4952f0
SHA256

5149454cb5fefd4c6e3952a4bf60ec41002613f910edd58eccf6415c78f065ae
SHA512

0cad6c8a44d4df9a80c8e71639db898d52b3b6516a8a06eb02cb2b0973a1743de120908db2b82dcbdc6bdae767cbdf77408ea44bdbe567e9f90ee33ef081516d
SSDEEP

384:bhNGLIjseGkRvGmi9BGolR0Dhi5NaF78j0vltVxqMO80rF6o+:LGLIvGk45DlRWm70NFq86F6o+

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

0.0.0.0:5678

Targets

- Target
  
  e7d766ed2949880f8c0c964595dbec36_JaffaCakes118
- Size
  
  27KB
- MD5
  
  e7d766ed2949880f8c0c964595dbec36
- SHA1
  
  b30e9535a7a1bc8894d69d52112e1dcadb4952f0
- SHA256
  
  5149454cb5fefd4c6e3952a4bf60ec41002613f910edd58eccf6415c78f065ae
- SHA512
  
  0cad6c8a44d4df9a80c8e71639db898d52b3b6516a8a06eb02cb2b0973a1743de120908db2b82dcbdc6bdae767cbdf77408ea44bdbe567e9f90ee33ef081516d
- SSDEEP
  
  384:bhNGLIjseGkRvGmi9BGolR0Dhi5NaF78j0vltVxqMO80rF6o+:LGLIvGk45DlRWm70NFq86F6o+
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan