metasploit | ea39d184c1b1623df478770b89b1dff3618b150172c2c86e9c58a56b5a3e9457 | Triage

Submit
Reports

Overview

overview

Static

static

5

881ec9257e...18.exe

windows7-x64

881ec9257e...18.exe

windows10-2004-x64

Sharing

General

Target

881ec9257e10602fe310d11a008e16e0_JaffaCakes118
Size

35KB
Sample

241102-2az99awqh1
MD5

881ec9257e10602fe310d11a008e16e0
SHA1

41ac00fdc37e678ba37ba7f25c2174a4a2a0e5e3
SHA256

ea39d184c1b1623df478770b89b1dff3618b150172c2c86e9c58a56b5a3e9457
SHA512

7570d40c463415bf71a49a0cfe8f2925336a37debff8d8eb08f96ee02e210144e7a3cbf052d3c1e4a2fe6e8c6892904bd769789a254c1ce946d8f0c5b33d4ee0
SSDEEP

768:ULklD4zXpoSv6t8YwknTfKRpSbcpJCQ+uf1N:UL40zZo6UVwuCRfYUH

Score

10^/10

metasploit backdoor discovery trojan upx

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

881ec9257e10602fe310d11a008e16e0_JaffaCakes118.exe

Resource

win7-20241010-en

metasploit backdoor discovery trojan upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

881ec9257e10602fe310d11a008e16e0_JaffaCakes118.exe

Resource

win10v2004-20241007-en

metasploit backdoor discovery trojan upx

windows10-2004-x64

8 signatures

150 seconds

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  881ec9257e10602fe310d11a008e16e0_JaffaCakes118
- Size
  
  35KB
- MD5
  
  881ec9257e10602fe310d11a008e16e0
- SHA1
  
  41ac00fdc37e678ba37ba7f25c2174a4a2a0e5e3
- SHA256
  
  ea39d184c1b1623df478770b89b1dff3618b150172c2c86e9c58a56b5a3e9457
- SHA512
  
  7570d40c463415bf71a49a0cfe8f2925336a37debff8d8eb08f96ee02e210144e7a3cbf052d3c1e4a2fe6e8c6892904bd769789a254c1ce946d8f0c5b33d4ee0
- SSDEEP
  
  768:ULklD4zXpoSv6t8YwknTfKRpSbcpJCQ+uf1N:UL40zZo6UVwuCRfYUH
Score

10^/10

metasploit backdoor discovery trojan upx
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojanupx

behavioral2

metasploitbackdoordiscoverytrojanupx

© 2018-2025

Terms | Privacy