General

  • Target

    ed4e44b5b8a9b07bca4785c5bdd18bd9_JaffaCakes118

  • Size

    72KB

  • Sample

    240920-lhfykszbpf

  • MD5

    ed4e44b5b8a9b07bca4785c5bdd18bd9

  • SHA1

    976990c150fc5bc5164684aea95155b1b75e2a85

  • SHA256

    889d9225eb957cdfc1a7211d8c98c941354fca32748553d2bcec623416a90524

  • SHA512

    9d096c1dbab566beeaca55b0752add3281586681b61589bc13564d2e041070e054bd73637a292fb0186399ed294970e904507484dd6953df7fa463e861202192

  • SSDEEP

    1536:I5Mx/PoI86GPVHo5uAljCwm35Mb+KR0Nc8QsJq39:S8PoI86CWu8m35e0Nc8QsC9

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/shikata_ga_nai

Extracted

  • Family

    metasploit

  • Version

    windows/shell_reverse_tcp

  • C2

    192.168.56.102:31337

Targets

    • Target

      ed4e44b5b8a9b07bca4785c5bdd18bd9_JaffaCakes118

    • Size

      72KB

    • MD5

      ed4e44b5b8a9b07bca4785c5bdd18bd9

    • SHA1

      976990c150fc5bc5164684aea95155b1b75e2a85

    • SHA256

      889d9225eb957cdfc1a7211d8c98c941354fca32748553d2bcec623416a90524

    • SHA512

      9d096c1dbab566beeaca55b0752add3281586681b61589bc13564d2e041070e054bd73637a292fb0186399ed294970e904507484dd6953df7fa463e861202192

    • SSDEEP

      1536:I5Mx/PoI86GPVHo5uAljCwm35Mb+KR0Nc8QsJq39:S8PoI86CWu8m35e0Nc8QsC9

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

MITRE ATT&CK Enterprise v15

Tasks