metasploit | 1a0a62d44be682f8f6036291868ab04f5a11a60f5e5284d4b96fd2f947760482 | Triage

Sharing

General

Target

f3359ab104c813efcdb3949267ee9626_JaffaCakes118
Size

60KB
Sample

240924-j7cw4sxbqk
MD5

f3359ab104c813efcdb3949267ee9626
SHA1

c89e47f001c392a1ed75eeb126567dcf51fc7a17
SHA256

1a0a62d44be682f8f6036291868ab04f5a11a60f5e5284d4b96fd2f947760482
SHA512

cbd145556c1968f9dd35cd88af2ed444a1f250502f1b683a89b85bb3810ad8bbaeabf5959d8d4fccf8f1e0c9a7b6c59c24ca5555fab47b67074c637d6b12f4af
SSDEEP

1536:iBtQqmmkgGg7TjTK/h8DHZto58slDUADGRMlu:iBGqmkGgv3K/h8DHZc8+UZMlu

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.170.0.120:4444

Targets

- Target
  
  f3359ab104c813efcdb3949267ee9626_JaffaCakes118
- Size
  
  60KB
- MD5
  
  f3359ab104c813efcdb3949267ee9626
- SHA1
  
  c89e47f001c392a1ed75eeb126567dcf51fc7a17
- SHA256
  
  1a0a62d44be682f8f6036291868ab04f5a11a60f5e5284d4b96fd2f947760482
- SHA512
  
  cbd145556c1968f9dd35cd88af2ed444a1f250502f1b683a89b85bb3810ad8bbaeabf5959d8d4fccf8f1e0c9a7b6c59c24ca5555fab47b67074c637d6b12f4af
- SSDEEP
  
  1536:iBtQqmmkgGg7TjTK/h8DHZto58slDUADGRMlu:iBGqmkGgv3K/h8DHZc8+UZMlu
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan