metasploit | aeb0b37b02fd1d03f97b55069b9fa4eff5da902fbc4369053cf2046b5aa38da0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

13182bfd67a37ea85044c821922c1542_JaffaCakes118
Size

155KB
Sample

241004-m8bbfszhlm
MD5

13182bfd67a37ea85044c821922c1542
SHA1

bf023a787662a7af944536120b0525a8c19d3159
SHA256

aeb0b37b02fd1d03f97b55069b9fa4eff5da902fbc4369053cf2046b5aa38da0
SHA512

7871d17e4e1783776f003f25d37bca3e70129131528a5b9b09a2525acf10648d68eb56d3b90087db891d816f697def84909f5a395f92e61520bd3709168de2e7
SSDEEP

3072:NMhNo5TeXlicUkykgnfyktNe6BhraivprqU07dFUZjNWFiJ:NaqT2lnVgfjXAivpmU0x+Z0M

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  13182bfd67a37ea85044c821922c1542_JaffaCakes118
- Size
  
  155KB
- MD5
  
  13182bfd67a37ea85044c821922c1542
- SHA1
  
  bf023a787662a7af944536120b0525a8c19d3159
- SHA256
  
  aeb0b37b02fd1d03f97b55069b9fa4eff5da902fbc4369053cf2046b5aa38da0
- SHA512
  
  7871d17e4e1783776f003f25d37bca3e70129131528a5b9b09a2525acf10648d68eb56d3b90087db891d816f697def84909f5a395f92e61520bd3709168de2e7
- SSDEEP
  
  3072:NMhNo5TeXlicUkykgnfyktNe6BhraivprqU07dFUZjNWFiJ:NaqT2lnVgfjXAivpmU0x+Z0M
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan