metasploit | 12a1dde7537248ca0b594549d6954f808bf808d383a19a228febb29cc6f0b3a2 | Triage

Analysis

max time kernel
140s
max time network
145s
platform
windows7_x64
resource
win7-20240729-en
resource tags

arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
submitted
27-11-2024 17:23

Sharing

Report Analysis Logs

General

Target

a8e517e9f35bf1e33c9850e31a57a1bc_JaffaCakes118.exe
Size

41KB
MD5

a8e517e9f35bf1e33c9850e31a57a1bc
SHA1

7c41a5db8425233e4acb310c5f1f42658727d600
SHA256

12a1dde7537248ca0b594549d6954f808bf808d383a19a228febb29cc6f0b3a2
SHA512

3085e271fe0f7557a175878412a355778d4f3ba2bccecaac32262694029cbbbf97c8a4e517e56a1cb8e8d257190ed9fd64a467683b889119fdbfbc3b525f699d
SSDEEP

768:tUY1BCPgksRQK0JHXgP5CyNKoHnlVq4dA0RLQ:jB4iQF9gc0to

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.1.30:4444

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit
Metasploit family
metasploit

C:\Users\Admin\AppData\Local\Temp\a8e517e9f35bf1e33c9850e31a57a1bc_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\a8e517e9f35bf1e33c9850e31a57a1bc_JaffaCakes118.exe"
1⤵
PID:1820

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1820-0-0x0000000000400000-0x0000000000410000-memory.dmp

Filesize
64KB

Download