metasploit | a339d8b5036c80bb755fc4c78ef97d3cd849692a6dbd5b825b001dd1bd4878bf | Triage

Sharing

General

Target

94cb18098d05da7483ca553db7e0e177_JaffaCakes118
Size

457KB
Sample

241124-p5dzaawren
MD5

94cb18098d05da7483ca553db7e0e177
SHA1

1a81285f2dc96bf0881e3e9bb919d437a96a5ba4
SHA256

a339d8b5036c80bb755fc4c78ef97d3cd849692a6dbd5b825b001dd1bd4878bf
SHA512

635af6c0a6bf0e54579f1678623b85a1d1c537d57425ba5f4f764a9f0e72343f69b4a112e6953e22a0286686af560df76bc1b77991130104a31e717e63627ead
SSDEEP

12288:UQPA6krEJBqWNtDjLcnKNalKv1V0pjq1GBs:UQ0WNtD/qzAP0Nq1

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  94cb18098d05da7483ca553db7e0e177_JaffaCakes118
- Size
  
  457KB
- MD5
  
  94cb18098d05da7483ca553db7e0e177
- SHA1
  
  1a81285f2dc96bf0881e3e9bb919d437a96a5ba4
- SHA256
  
  a339d8b5036c80bb755fc4c78ef97d3cd849692a6dbd5b825b001dd1bd4878bf
- SHA512
  
  635af6c0a6bf0e54579f1678623b85a1d1c537d57425ba5f4f764a9f0e72343f69b4a112e6953e22a0286686af560df76bc1b77991130104a31e717e63627ead
- SSDEEP
  
  12288:UQPA6krEJBqWNtDjLcnKNalKv1V0pjq1GBs:UQ0WNtD/qzAP0Nq1
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan