metasploit | d71cf481df4c1e1b923ec7455ce4c18419b9f08975f49a898d35c0f9b8af776e | Triage

Sharing

General

Target

a709698a414459ae38dd032706bcc1c4_JaffaCakes118
Size

159KB
Sample

241127-k1sjnaxjfv
MD5

a709698a414459ae38dd032706bcc1c4
SHA1

cd0d8b0261145931c34134b290663795903a0857
SHA256

d71cf481df4c1e1b923ec7455ce4c18419b9f08975f49a898d35c0f9b8af776e
SHA512

4c2f1c19d8f16d4c605deb148c67e7ae24057d3cceb94b0e427defa91e12661582dd747a86c9e72c0ad9b3db8501fe86fded5827859cf380280dcc986c2d221c
SSDEEP

3072:S2Cn0lzRlAVeXveI9CFz/mLc2CZQsWFUVZCOTZNGjBJuG/Xc:S22gzRC0XveI9KuLcvZQhutT/Sf//Xc

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  a709698a414459ae38dd032706bcc1c4_JaffaCakes118
- Size
  
  159KB
- MD5
  
  a709698a414459ae38dd032706bcc1c4
- SHA1
  
  cd0d8b0261145931c34134b290663795903a0857
- SHA256
  
  d71cf481df4c1e1b923ec7455ce4c18419b9f08975f49a898d35c0f9b8af776e
- SHA512
  
  4c2f1c19d8f16d4c605deb148c67e7ae24057d3cceb94b0e427defa91e12661582dd747a86c9e72c0ad9b3db8501fe86fded5827859cf380280dcc986c2d221c
- SSDEEP
  
  3072:S2Cn0lzRlAVeXveI9CFz/mLc2CZQsWFUVZCOTZNGjBJuG/Xc:S22gzRC0XveI9KuLcvZQhutT/Sf//Xc
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan