metasploit | e4b1739eef6c8aa74aefcd241e2a1d38ca68dbeb8daef8d706594206d4dbc45f | Triage

Sharing

General

Target

9f0f0a2e051874268218e0881003b08c_JaffaCakes118
Size

291KB
Sample

241126-bxa1rstmbm
MD5

9f0f0a2e051874268218e0881003b08c
SHA1

7158dfad0899020de0ad92cd488d69128830693f
SHA256

e4b1739eef6c8aa74aefcd241e2a1d38ca68dbeb8daef8d706594206d4dbc45f
SHA512

76b1ebea23bba45df1208a0069be0e9c14026188ebc16f23ade43152c908ff38a0e9eda32b781232e73c2a9de3e277d00301b18486ee3ecd632a9a7d8940ccaf
SSDEEP

3072:m2ulHM8xeHFGBlZXQ8AxHCe8qKViO7OaZpOBF7mB5Kvwz3z+radXg2yBrojcCyTG:m2MeMBlZXpUHLO7OGCdU8Iz3z5obd8

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  9f0f0a2e051874268218e0881003b08c_JaffaCakes118
- Size
  
  291KB
- MD5
  
  9f0f0a2e051874268218e0881003b08c
- SHA1
  
  7158dfad0899020de0ad92cd488d69128830693f
- SHA256
  
  e4b1739eef6c8aa74aefcd241e2a1d38ca68dbeb8daef8d706594206d4dbc45f
- SHA512
  
  76b1ebea23bba45df1208a0069be0e9c14026188ebc16f23ade43152c908ff38a0e9eda32b781232e73c2a9de3e277d00301b18486ee3ecd632a9a7d8940ccaf
- SSDEEP
  
  3072:m2ulHM8xeHFGBlZXQ8AxHCe8qKViO7OaZpOBF7mB5Kvwz3z+radXg2yBrojcCyTG:m2MeMBlZXpUHLO7OGCdU8Iz3z5obd8
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan