metasploit | a7b3114826f729f0f02bc4305e0e36da26466ee10dea8cc04c0b57384fd20d87 | Triage

Sharing

General

Target

f551ae44ab4de11b3f100fbb1e909bda_JaffaCakes118
Size

375KB
Sample

240925-ge37gsyaqn
MD5

f551ae44ab4de11b3f100fbb1e909bda
SHA1

c710f8fc722cab40582acca5fa38862e33ad365c
SHA256

a7b3114826f729f0f02bc4305e0e36da26466ee10dea8cc04c0b57384fd20d87
SHA512

c2356e0193f1884865b84dc56cb6b3eb5ab75acaac5b2d17a18bd6cb10f36aa2a49c64e6eb56a05038753a17e9c6cf76517840cbd4ffdcfd51b72b6bef98ba96
SSDEEP

6144:LSX6X2+QyCFHkADelvO8GXx8+p+ySUr33lmsjfx10vGm1YU3/zRhSsZRE:sIpDAkAQlGXWXjcR70vl9LRhTO

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

75.146.209.138:443

Targets

- Target
  
  f551ae44ab4de11b3f100fbb1e909bda_JaffaCakes118
- Size
  
  375KB
- MD5
  
  f551ae44ab4de11b3f100fbb1e909bda
- SHA1
  
  c710f8fc722cab40582acca5fa38862e33ad365c
- SHA256
  
  a7b3114826f729f0f02bc4305e0e36da26466ee10dea8cc04c0b57384fd20d87
- SHA512
  
  c2356e0193f1884865b84dc56cb6b3eb5ab75acaac5b2d17a18bd6cb10f36aa2a49c64e6eb56a05038753a17e9c6cf76517840cbd4ffdcfd51b72b6bef98ba96
- SSDEEP
  
  6144:LSX6X2+QyCFHkADelvO8GXx8+p+ySUr33lmsjfx10vGm1YU3/zRhSsZRE:sIpDAkAQlGXWXjcR70vl9LRhTO
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan