metasploit | 6d59f5b6bed43804ea372c82ab89bef56f7da0a4cd4d710c9bc24a61b020cfff | Triage

Sharing

General

Target

ec6ca99af8372e9e0aac3554e5a5ea66_JaffaCakes118
Size

56KB
Sample

240919-3vsxcayajp
MD5

ec6ca99af8372e9e0aac3554e5a5ea66
SHA1

e2308f5ee966218ebca095ff08a496f8c50ca523
SHA256

6d59f5b6bed43804ea372c82ab89bef56f7da0a4cd4d710c9bc24a61b020cfff
SHA512

ff52449480f82c05ab160ccc242aa8f466e152a87f0886bb19adc8872b00bc28733676f252af459dc4675b5c6a35d7c917c79f6b38335bec9c953ca7685d82d2
SSDEEP

1536:wet+aF08bJKazAy4Y7wxpU41o3eqOlAh:8U0gzAy4Yk7q3eH0

Score

10^/10

metasploit discovery persistence

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  ec6ca99af8372e9e0aac3554e5a5ea66_JaffaCakes118
- Size
  
  56KB
- MD5
  
  ec6ca99af8372e9e0aac3554e5a5ea66
- SHA1
  
  e2308f5ee966218ebca095ff08a496f8c50ca523
- SHA256
  
  6d59f5b6bed43804ea372c82ab89bef56f7da0a4cd4d710c9bc24a61b020cfff
- SHA512
  
  ff52449480f82c05ab160ccc242aa8f466e152a87f0886bb19adc8872b00bc28733676f252af459dc4675b5c6a35d7c917c79f6b38335bec9c953ca7685d82d2
- SSDEEP
  
  1536:wet+aF08bJKazAy4Y7wxpU41o3eqOlAh:8U0gzAy4Yk7q3eH0
Score

8^/10

discovery persistence
- Event Triggered Execution: Image File Execution Options Injection
  persistence
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Image File Execution Options Injection

Privilege Escalation

Event Triggered Execution

Image File Execution Options Injection

Defense Evasion

Credential Access

Discovery

Network Share Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

discoverypersistence