Overview

overview

10

Static

static

3

e8510e60bb...18.exe

windows7-x64

1

e8510e60bb...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e8510e60bb69906663266ed956c44a0f_JaffaCakes118

  • Size

    15KB

  • Sample

    240918-ewlmnasgnm

  • MD5

    e8510e60bb69906663266ed956c44a0f

  • SHA1

    a1e60443308e8b7768d13b12828dffbe1f7c9775

  • SHA256

    1bc7b8ec5b560893981f8264e819c75f4731a0734ec3e49cc54a906a3143584d

  • SHA512

    714765aad30a83cf1e9f26b541f20b8aeea237f837a5ef6db229add1c844bafd12b4187d726950326cf297cfe3e81cc139560c70367294349a191973b4dde008

  • SSDEEP

    192:ZYf2ZQu9g0tYuokm+SRJkDlBpaViNnrP4iC9Yg8IDl4bXjHOk8Y9:ZYfKQu9g0S/km+SRJA/NvssXjHeY

Score
10/10
metasploitbackdoordiscoveryexecutiontrojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://204.44.83.217:443/pnL2

Targets

    • Target

      e8510e60bb69906663266ed956c44a0f_JaffaCakes118

    • Size

      15KB

    • MD5

      e8510e60bb69906663266ed956c44a0f

    • SHA1

      a1e60443308e8b7768d13b12828dffbe1f7c9775

    • SHA256

      1bc7b8ec5b560893981f8264e819c75f4731a0734ec3e49cc54a906a3143584d

    • SHA512

      714765aad30a83cf1e9f26b541f20b8aeea237f837a5ef6db229add1c844bafd12b4187d726950326cf297cfe3e81cc139560c70367294349a191973b4dde008

    • SSDEEP

      192:ZYf2ZQu9g0tYuokm+SRJkDlBpaViNnrP4iC9Yg8IDl4bXjHOk8Y9:ZYfKQu9g0S/km+SRJA/NvssXjHeY

    Score
    10/10
    metasploitbackdoordiscoveryexecutiontrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks