metasploit | dc0bb398fb4f591cc8ff97d27141ba56cae87611911159a7386716ffb7f86a9e | Triage

Sharing

General

Target

98dd877970315a1ef23704d9c9f6b984_JaffaCakes118
Size

37KB
Sample

241125-dqergsvrcy
MD5

98dd877970315a1ef23704d9c9f6b984
SHA1

6b7fcc6595e453eb5d01cb9a871b6759581dbc2e
SHA256

dc0bb398fb4f591cc8ff97d27141ba56cae87611911159a7386716ffb7f86a9e
SHA512

b78fcbec318edf1c55b24603a1c7ce8dca1756c5ac0ab372750ee2737d7f6fa7e9dbef626865542c95d7515921d8382e518f37554926d1a2baa20177aba4ba1d
SSDEEP

768:v0upc0vIAEkyMFFbccrai3Upu7sOCWSiJl62lxNeNH8/T6lRZ95x:v0upb2MXcUvoNK0KxNEzh5x

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Extracted

Family

metasploit

Version

windows/reverse_tcp_allports

C2

192.168.11.7:4455

Targets

- Target
  
  98dd877970315a1ef23704d9c9f6b984_JaffaCakes118
- Size
  
  37KB
- MD5
  
  98dd877970315a1ef23704d9c9f6b984
- SHA1
  
  6b7fcc6595e453eb5d01cb9a871b6759581dbc2e
- SHA256
  
  dc0bb398fb4f591cc8ff97d27141ba56cae87611911159a7386716ffb7f86a9e
- SHA512
  
  b78fcbec318edf1c55b24603a1c7ce8dca1756c5ac0ab372750ee2737d7f6fa7e9dbef626865542c95d7515921d8382e518f37554926d1a2baa20177aba4ba1d
- SSDEEP
  
  768:v0upc0vIAEkyMFFbccrai3Upu7sOCWSiJl62lxNeNH8/T6lRZ95x:v0upb2MXcUvoNK0KxNEzh5x
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan