metasploit | 41995325cc3da2a0e456bf3c28da4126bc2ff044571e1f3716d48f0bdc0882ed | Triage

Sharing

General

Target

efad093f92f52cc63d051a1d3cbb76dd_JaffaCakes118
Size

72KB
Sample

240921-nd531syhrc
MD5

efad093f92f52cc63d051a1d3cbb76dd
SHA1

1fda02b5868c385c3dc8c459f111333d49a4a174
SHA256

41995325cc3da2a0e456bf3c28da4126bc2ff044571e1f3716d48f0bdc0882ed
SHA512

cdb4a0308dad4236a6fff4452f32919f31858053958a698c32ff6bed0cea6c993c35baf949ba0224e762d50941303b41003b3a8d29017f3c597cd8b20a8c01c0
SSDEEP

1536:Iis9SmLRKI4jFWzxMbECKn23dV/I7majBMb+KR0Nc8QsJq39:V+ScVmFWzxx9eI7majBe0Nc8QsC9

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.250.129:4444

Targets

- Target
  
  efad093f92f52cc63d051a1d3cbb76dd_JaffaCakes118
- Size
  
  72KB
- MD5
  
  efad093f92f52cc63d051a1d3cbb76dd
- SHA1
  
  1fda02b5868c385c3dc8c459f111333d49a4a174
- SHA256
  
  41995325cc3da2a0e456bf3c28da4126bc2ff044571e1f3716d48f0bdc0882ed
- SHA512
  
  cdb4a0308dad4236a6fff4452f32919f31858053958a698c32ff6bed0cea6c993c35baf949ba0224e762d50941303b41003b3a8d29017f3c597cd8b20a8c01c0
- SSDEEP
  
  1536:Iis9SmLRKI4jFWzxMbECKn23dV/I7majBMb+KR0Nc8QsJq39:V+ScVmFWzxx9eI7majBe0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan