metasploit | 1eda80aaef0a7d3cdc41e4ad93dba17a5731ca77d9be6efb297634b135d6705f | Triage

Sharing

General

Target

a9b26d76d855c2427813d22600ba797a_JaffaCakes118
Size

244KB
Sample

241127-z8tt1s1may
MD5

a9b26d76d855c2427813d22600ba797a
SHA1

8f5e4c29157bbe9691bf625ed5ea72a34cf86eec
SHA256

1eda80aaef0a7d3cdc41e4ad93dba17a5731ca77d9be6efb297634b135d6705f
SHA512

b98d10ead941c78dd30cc70d2f63133089d5619f0e529e33163b619fcaa6fde09a310c65d2ed6e68be3315e436501c2ac0d809690494266a39eecc3baa17e1da
SSDEEP

6144:Y2MeMBlZXpUHLO7OGCdU8Iz3zPobd8EEEEEEEEEEEEEEEEEEEO:Y8MBlgrO7OGseiu

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  a9b26d76d855c2427813d22600ba797a_JaffaCakes118
- Size
  
  244KB
- MD5
  
  a9b26d76d855c2427813d22600ba797a
- SHA1
  
  8f5e4c29157bbe9691bf625ed5ea72a34cf86eec
- SHA256
  
  1eda80aaef0a7d3cdc41e4ad93dba17a5731ca77d9be6efb297634b135d6705f
- SHA512
  
  b98d10ead941c78dd30cc70d2f63133089d5619f0e529e33163b619fcaa6fde09a310c65d2ed6e68be3315e436501c2ac0d809690494266a39eecc3baa17e1da
- SSDEEP
  
  6144:Y2MeMBlZXpUHLO7OGCdU8Iz3zPobd8EEEEEEEEEEEEEEEEEEEO:Y8MBlgrO7OGseiu
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan