metasploit | 2e55617db3cc088420d78898548be6e92b88e6f1e56b732284fcbef2131dd6d8 | Triage

Sharing

General

Target

e6a0376fe32518ebdce685208edb9470_JaffaCakes118
Size

23KB
Sample

240917-mlk75sycll
MD5

e6a0376fe32518ebdce685208edb9470
SHA1

88558d2cb961bbdd04608fd321ef24c90e930a11
SHA256

2e55617db3cc088420d78898548be6e92b88e6f1e56b732284fcbef2131dd6d8
SHA512

df91e7d42453b73c36abc6a0dac2653acb2380551ca5efbfa063903ad39460ce18ffe8de0897e418def0ce747274a0bd151140f7dfedf2d6fc7200a747660244
SSDEEP

384:lCxRKqbOCdWIVBPk+xzqw6fCXAnz5eDZ/d5GBQlJRrMK6jr1:lCxTRVJkLTfiAd6GrKgZ

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://47.95.205.52:10086/8xCi

Targets

- Target
  
  e6a0376fe32518ebdce685208edb9470_JaffaCakes118
- Size
  
  23KB
- MD5
  
  e6a0376fe32518ebdce685208edb9470
- SHA1
  
  88558d2cb961bbdd04608fd321ef24c90e930a11
- SHA256
  
  2e55617db3cc088420d78898548be6e92b88e6f1e56b732284fcbef2131dd6d8
- SHA512
  
  df91e7d42453b73c36abc6a0dac2653acb2380551ca5efbfa063903ad39460ce18ffe8de0897e418def0ce747274a0bd151140f7dfedf2d6fc7200a747660244
- SSDEEP
  
  384:lCxRKqbOCdWIVBPk+xzqw6fCXAnz5eDZ/d5GBQlJRrMK6jr1:lCxTRVJkLTfiAd6GrKgZ
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan