metasploit | 48ddef41ef302f714c47584ab96b1eac1f4f7c7c7288421fff28a71e4812fc9c | Triage

Sharing

General

Target

ef80e63e9abadcc12d7bf0f415d70863_JaffaCakes118
Size

20KB
Sample

240921-lf48dsvgpp
MD5

ef80e63e9abadcc12d7bf0f415d70863
SHA1

86a6fdaad8a76878ff830c0cf583a964e565fe92
SHA256

48ddef41ef302f714c47584ab96b1eac1f4f7c7c7288421fff28a71e4812fc9c
SHA512

9691514f44a17e78772946ffdd16affa687c47d36e90c9b47afdc362d5ee61d3c620e4da5f31cd1d6170cdbcaa89ccf37f9a588b86bc87dfda1ffccbcfd5854c
SSDEEP

192:1j7yDMANpGxejPwXcKIFkLWzCsPP74Bkwqmxpbi4avCAOqhLA6B9sTZAAZCMl:1j77xeyz4CaDkDiROWQAXS

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.1.2:10001

Targets

- Target
  
  ef80e63e9abadcc12d7bf0f415d70863_JaffaCakes118
- Size
  
  20KB
- MD5
  
  ef80e63e9abadcc12d7bf0f415d70863
- SHA1
  
  86a6fdaad8a76878ff830c0cf583a964e565fe92
- SHA256
  
  48ddef41ef302f714c47584ab96b1eac1f4f7c7c7288421fff28a71e4812fc9c
- SHA512
  
  9691514f44a17e78772946ffdd16affa687c47d36e90c9b47afdc362d5ee61d3c620e4da5f31cd1d6170cdbcaa89ccf37f9a588b86bc87dfda1ffccbcfd5854c
- SSDEEP
  
  192:1j7yDMANpGxejPwXcKIFkLWzCsPP74Bkwqmxpbi4avCAOqhLA6B9sTZAAZCMl:1j77xeyz4CaDkDiROWQAXS
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan