metasploit | 05a485884308d8395f1605a3fa21e6167a1d8b17b5e5776860f37f3b84784a41 | Triage

Sharing

General

Target

a1d134b756dbfa6daec8694b0e88dd32_JaffaCakes118
Size

220KB
Sample

241126-n8vkrswraj
MD5

a1d134b756dbfa6daec8694b0e88dd32
SHA1

7233543c841fb0ae3da20888f5502b24cbf85ece
SHA256

05a485884308d8395f1605a3fa21e6167a1d8b17b5e5776860f37f3b84784a41
SHA512

95c0cb401a155a97b3ab38b466bbb0ebb6e67672d58b5553db02fddaa388b20292b660ecafac12ab30be8b4418a2278fc91ea10ef15526a3b5fbad3b5296a5df
SSDEEP

6144:DnPo/W4nDWgRAkPYxce/a9zH2QmOY6xWa:DnPoTR3PYxax26xWa

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  a1d134b756dbfa6daec8694b0e88dd32_JaffaCakes118
- Size
  
  220KB
- MD5
  
  a1d134b756dbfa6daec8694b0e88dd32
- SHA1
  
  7233543c841fb0ae3da20888f5502b24cbf85ece
- SHA256
  
  05a485884308d8395f1605a3fa21e6167a1d8b17b5e5776860f37f3b84784a41
- SHA512
  
  95c0cb401a155a97b3ab38b466bbb0ebb6e67672d58b5553db02fddaa388b20292b660ecafac12ab30be8b4418a2278fc91ea10ef15526a3b5fbad3b5296a5df
- SSDEEP
  
  6144:DnPo/W4nDWgRAkPYxce/a9zH2QmOY6xWa:DnPoTR3PYxax26xWa
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan