metasploit | b6090bc8c6abb34b1aea7d42b1b53b96ed00149d259cb3c855fbbd57aaf70083 | Triage

Sharing

General

Target

9c9cd15bf8d7241ac4908a3d54c9c73e_JaffaCakes118
Size

65KB
Sample

241125-tvpp9a1rgn
MD5

9c9cd15bf8d7241ac4908a3d54c9c73e
SHA1

1e18a920d119cc0e12af595c8914342d4b949c00
SHA256

b6090bc8c6abb34b1aea7d42b1b53b96ed00149d259cb3c855fbbd57aaf70083
SHA512

1add85eb362c19d39917dd08594fc3ec219e9d92a220831aedaab514c3914c58b7744bcede14969db4f8d0179b0aba19925948939d161132d2c69eca1c6c54f7
SSDEEP

1536:+5sc375Ab4EBanICQFuIiyd6gWHpkeaPRAER2ySTneV18DViC:+p5wfCQF92HpkeWpgySTneV1CVt

Score

10^/10

metasploit backdoor discovery evasion trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  9c9cd15bf8d7241ac4908a3d54c9c73e_JaffaCakes118
- Size
  
  65KB
- MD5
  
  9c9cd15bf8d7241ac4908a3d54c9c73e
- SHA1
  
  1e18a920d119cc0e12af595c8914342d4b949c00
- SHA256
  
  b6090bc8c6abb34b1aea7d42b1b53b96ed00149d259cb3c855fbbd57aaf70083
- SHA512
  
  1add85eb362c19d39917dd08594fc3ec219e9d92a220831aedaab514c3914c58b7744bcede14969db4f8d0179b0aba19925948939d161132d2c69eca1c6c54f7
- SSDEEP
  
  1536:+5sc375Ab4EBanICQFuIiyd6gWHpkeaPRAER2ySTneV18DViC:+p5wfCQF92HpkeWpgySTneV1CVt
Score

10^/10

metasploit backdoor discovery evasion trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Modifies firewall policy service
  evasion
- Modifies security service
  evasion
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Network Share Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoveryevasiontrojan

behavioral2

metasploitbackdoordiscoveryevasiontrojan