metasploit | bcec1f78ecc1f8135249340fc74abb72d50609beb97cf68b6cfa5a88bb6a414a | Triage

Sharing

General

Target

9a289831d5bd565672b646ae1b671e8f_JaffaCakes118
Size

72KB
Sample

241125-jm84tasmbl
MD5

9a289831d5bd565672b646ae1b671e8f
SHA1

7bf4dc0208eaef14033cebeb9d86686ac105e986
SHA256

bcec1f78ecc1f8135249340fc74abb72d50609beb97cf68b6cfa5a88bb6a414a
SHA512

c85848fdea360cc1d64b8ecd024498ebc52f60fcc998eca360404723c115cab940f06649915574e5200c35cc911715f5c8fa528aab9a9e16631a834ef5c5c711
SSDEEP

1536:IwvDHMptfvyOtDYnddGbLwx/RFhMb+KR0Nc8QsJq39:lvzMX3ym4dk8xJFhe0Nc8QsC9

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

80.59.116.204:4444

Targets

- Target
  
  9a289831d5bd565672b646ae1b671e8f_JaffaCakes118
- Size
  
  72KB
- MD5
  
  9a289831d5bd565672b646ae1b671e8f
- SHA1
  
  7bf4dc0208eaef14033cebeb9d86686ac105e986
- SHA256
  
  bcec1f78ecc1f8135249340fc74abb72d50609beb97cf68b6cfa5a88bb6a414a
- SHA512
  
  c85848fdea360cc1d64b8ecd024498ebc52f60fcc998eca360404723c115cab940f06649915574e5200c35cc911715f5c8fa528aab9a9e16631a834ef5c5c711
- SSDEEP
  
  1536:IwvDHMptfvyOtDYnddGbLwx/RFhMb+KR0Nc8QsJq39:lvzMX3ym4dk8xJFhe0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan