metasploit | 7dbae0ed5df2ae4b7a84004fa5cc78225986239342fd84cde91a5ef78be01708 | Triage

Sharing

General

Target

f4ce09b59dae3b2e3e4c85db80f6c199_JaffaCakes118
Size

124KB
Sample

240925-a2b8ysvbmj
MD5

f4ce09b59dae3b2e3e4c85db80f6c199
SHA1

53871024857fe7f6fff616329c2ee5dcfa4ddd6d
SHA256

7dbae0ed5df2ae4b7a84004fa5cc78225986239342fd84cde91a5ef78be01708
SHA512

551f710276d164d11cff6a2ab149fe7915ec5450feec95cbdb05497b08715b1cc8bf730d7908cffa213b39e9768854312f66649ae370a0bf6037e0950ec129f4
SSDEEP

3072:BlfSv3TznN0u3juM52r+/PibY2YzBxkN4BW4hd/hMdTWDmNzpE3:Pf+NRzj2C/Pr2YzzW2l9kyGzp8

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  f4ce09b59dae3b2e3e4c85db80f6c199_JaffaCakes118
- Size
  
  124KB
- MD5
  
  f4ce09b59dae3b2e3e4c85db80f6c199
- SHA1
  
  53871024857fe7f6fff616329c2ee5dcfa4ddd6d
- SHA256
  
  7dbae0ed5df2ae4b7a84004fa5cc78225986239342fd84cde91a5ef78be01708
- SHA512
  
  551f710276d164d11cff6a2ab149fe7915ec5450feec95cbdb05497b08715b1cc8bf730d7908cffa213b39e9768854312f66649ae370a0bf6037e0950ec129f4
- SSDEEP
  
  3072:BlfSv3TznN0u3juM52r+/PibY2YzBxkN4BW4hd/hMdTWDmNzpE3:Pf+NRzj2C/Pr2YzzW2l9kyGzp8
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan