metasploit | e5ba9db78bbb7b35f144cf6cafcdafea10742a225650a10f1a61674a5f7df528 | Triage

Sharing

General

Target

3a5f1f316ab593a9f863621249b9b933_JaffaCakes118
Size

4KB
Sample

241012-q69b9atelb
MD5

3a5f1f316ab593a9f863621249b9b933
SHA1

c70ecd0ef67adf9c002fee3f920b335bbcae7920
SHA256

e5ba9db78bbb7b35f144cf6cafcdafea10742a225650a10f1a61674a5f7df528
SHA512

984545fc2b2a217b1a38a37bc19823fa23b760bde11f899a6ff3e5f4ff1006a43042973c9fd446d4181ae6dacf8a343ddf46e1872f66acc4bc8fc20eceb8e9e5
SSDEEP

48:63iXkujlJLwcrzEqkBmxY8yeRHD36J+UtFskr6aNdNECZQ3IoMwhx0xDh5mYBk:60k2dHkB43LRHG+kskVufEwhGxDhjO

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp_allports

C2

192.168.86.1:12345

Targets

- Target
  
  3a5f1f316ab593a9f863621249b9b933_JaffaCakes118
- Size
  
  4KB
- MD5
  
  3a5f1f316ab593a9f863621249b9b933
- SHA1
  
  c70ecd0ef67adf9c002fee3f920b335bbcae7920
- SHA256
  
  e5ba9db78bbb7b35f144cf6cafcdafea10742a225650a10f1a61674a5f7df528
- SHA512
  
  984545fc2b2a217b1a38a37bc19823fa23b760bde11f899a6ff3e5f4ff1006a43042973c9fd446d4181ae6dacf8a343ddf46e1872f66acc4bc8fc20eceb8e9e5
- SSDEEP
  
  48:63iXkujlJLwcrzEqkBmxY8yeRHD36J+UtFskr6aNdNECZQ3IoMwhx0xDh5mYBk:60k2dHkB43LRHG+kskVufEwhGxDhjO
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan