metasploit | 51af4d64a7807ab8e855027b8f8a816e56a6a69fd0fb75a4961805cdd07c5aad | Triage

Sharing

General

Target

f1137596260f0276b91aa372591d7d55_JaffaCakes118
Size

84KB
Sample

240922-clsl4sxcrl
MD5

f1137596260f0276b91aa372591d7d55
SHA1

0b2161910506b407a0cec13237da7b27d778ee74
SHA256

51af4d64a7807ab8e855027b8f8a816e56a6a69fd0fb75a4961805cdd07c5aad
SHA512

4b6dbf33fd95a195038bb7d2aec39d7fe32c49dc46417b64c575dddde56e4d049e96634fadd689efb4e78aea007820553e2a8489cccb2fd9ac026453391973b7
SSDEEP

1536:s+dCpQcP1tfKt2yJUHF/ZjxsuXlJaQfPhr6XuVDSaA5scDsrR2:s+CN9tuNgNZ1sOlJf+CSaFF2

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.22.128:31337

Targets

- Target
  
  f1137596260f0276b91aa372591d7d55_JaffaCakes118
- Size
  
  84KB
- MD5
  
  f1137596260f0276b91aa372591d7d55
- SHA1
  
  0b2161910506b407a0cec13237da7b27d778ee74
- SHA256
  
  51af4d64a7807ab8e855027b8f8a816e56a6a69fd0fb75a4961805cdd07c5aad
- SHA512
  
  4b6dbf33fd95a195038bb7d2aec39d7fe32c49dc46417b64c575dddde56e4d049e96634fadd689efb4e78aea007820553e2a8489cccb2fd9ac026453391973b7
- SSDEEP
  
  1536:s+dCpQcP1tfKt2yJUHF/ZjxsuXlJaQfPhr6XuVDSaA5scDsrR2:s+CN9tuNgNZ1sOlJf+CSaFF2
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan