metasploit | 04642dfbe5cbeac786194d8e52133483547687a8d4071a1ef676f2adda77a4ba | Triage

Sharing

General

Target

f7f407b100f802f3d4584a074a23f8b6_JaffaCakes118
Size

216KB
Sample

240926-j7wn8awgpq
MD5

f7f407b100f802f3d4584a074a23f8b6
SHA1

2ed40e9aedfc6285748cbaef6f3ab172bb865ae3
SHA256

04642dfbe5cbeac786194d8e52133483547687a8d4071a1ef676f2adda77a4ba
SHA512

274efed7d22e561181c9719d8879d7b2354345d97fb2b856eca84d1887e4340b771da6c5a4fda97e4a0325082147e1a111866fd17317dd8530d955723ed151c3
SSDEEP

3072:5SnjVMFgw+EDBqmnwTE38Z5hq8FnKsuQ5+Usj:inw+EMowTE3Cqg9+U

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

212.59.242.172:8843

Targets

- Target
  
  f7f407b100f802f3d4584a074a23f8b6_JaffaCakes118
- Size
  
  216KB
- MD5
  
  f7f407b100f802f3d4584a074a23f8b6
- SHA1
  
  2ed40e9aedfc6285748cbaef6f3ab172bb865ae3
- SHA256
  
  04642dfbe5cbeac786194d8e52133483547687a8d4071a1ef676f2adda77a4ba
- SHA512
  
  274efed7d22e561181c9719d8879d7b2354345d97fb2b856eca84d1887e4340b771da6c5a4fda97e4a0325082147e1a111866fd17317dd8530d955723ed151c3
- SSDEEP
  
  3072:5SnjVMFgw+EDBqmnwTE38Z5hq8FnKsuQ5+Usj:inw+EMowTE3Cqg9+U
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan