metasploit | 5825f6e20048000d12baf56c3e4920b999eff6c7ece156f9fad6a5b95e51bf5e | Triage

Sharing

General

Target

e6589db22747ab7c4ae1eb8dbc7fb866_JaffaCakes118
Size

70KB
Sample

240917-jh5wla1hlh
MD5

e6589db22747ab7c4ae1eb8dbc7fb866
SHA1

4d4617223e7f6fdf404ec08fcfa7aadde279c2e0
SHA256

5825f6e20048000d12baf56c3e4920b999eff6c7ece156f9fad6a5b95e51bf5e
SHA512

a646f8335ab70f2c23f63345b9f060eef223336fe877a48f4719d311441abbe00e17817119b649d4ac8f08992ca8c6ee2d036d7e99681e3dde927c95f94f85c5
SSDEEP

768:YlnzGt+w1foMSqtvrrU8HcdrNv/HGXl5mjrBXl2rJzra48luSYVCDWLZOolFYXPF:qzy1NtvHz8dNGVA58rJa48XjWkEYX88

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  e6589db22747ab7c4ae1eb8dbc7fb866_JaffaCakes118
- Size
  
  70KB
- MD5
  
  e6589db22747ab7c4ae1eb8dbc7fb866
- SHA1
  
  4d4617223e7f6fdf404ec08fcfa7aadde279c2e0
- SHA256
  
  5825f6e20048000d12baf56c3e4920b999eff6c7ece156f9fad6a5b95e51bf5e
- SHA512
  
  a646f8335ab70f2c23f63345b9f060eef223336fe877a48f4719d311441abbe00e17817119b649d4ac8f08992ca8c6ee2d036d7e99681e3dde927c95f94f85c5
- SSDEEP
  
  768:YlnzGt+w1foMSqtvrrU8HcdrNv/HGXl5mjrBXl2rJzra48luSYVCDWLZOolFYXPF:qzy1NtvHz8dNGVA58rJa48XjWkEYX88
Score

10^/10

discovery metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

metasploitbackdoordiscoverytrojan