metasploit | 2c5f02b4ffa36681a0f50ae5076c3db45ee57de95c96c2a345f539ee404aacac | Triage

Sharing

General

Target

f7cd6953c041e34f5c06d45d5fd1b653_JaffaCakes118
Size

444KB
Sample

240926-hlx5gstblm
MD5

f7cd6953c041e34f5c06d45d5fd1b653
SHA1

4a244d72383b796710014ac26e3a3db77107b10e
SHA256

2c5f02b4ffa36681a0f50ae5076c3db45ee57de95c96c2a345f539ee404aacac
SHA512

9bbd9ed186654fe36451fca8606e2c671a94d4128dd3876a62fe39403fccf1d40e02581348609e781aec91a854d22e1542bbe81f3bc5e69f7b46d13d2898f150
SSDEEP

6144:fCdRtQcG5YD7APNKNRb4o41KEpc8EmLKRo1UEJHJVevweHWcxFg0SPPCRA7fFnbZ:adRtQx5bP87Mc8TLuedoIMIyQn6

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

10.0.1.8:4444

Targets

- Target
  
  f7cd6953c041e34f5c06d45d5fd1b653_JaffaCakes118
- Size
  
  444KB
- MD5
  
  f7cd6953c041e34f5c06d45d5fd1b653
- SHA1
  
  4a244d72383b796710014ac26e3a3db77107b10e
- SHA256
  
  2c5f02b4ffa36681a0f50ae5076c3db45ee57de95c96c2a345f539ee404aacac
- SHA512
  
  9bbd9ed186654fe36451fca8606e2c671a94d4128dd3876a62fe39403fccf1d40e02581348609e781aec91a854d22e1542bbe81f3bc5e69f7b46d13d2898f150
- SSDEEP
  
  6144:fCdRtQcG5YD7APNKNRb4o41KEpc8EmLKRo1UEJHJVevweHWcxFg0SPPCRA7fFnbZ:adRtQx5bP87Mc8TLuedoIMIyQn6
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan