metasploit | 02468c056a80b650117d022bf8cec92e8e5ab1d54bffc2be57c69ba75900939f | Triage

Sharing

General

Target

af159f69da69a1347f4aec364d8d516a_JaffaCakes118
Size

237KB
Sample

241129-fssggaxla1
MD5

af159f69da69a1347f4aec364d8d516a
SHA1

43cc8809c0b7047dba560bd2ed5a1b5f51413956
SHA256

02468c056a80b650117d022bf8cec92e8e5ab1d54bffc2be57c69ba75900939f
SHA512

8a619ebea6abd76e7be47eb6f8c1a315f19c5f7f8cf65388493f2069e4bd2d92e8efd477d13a98b577736ee02131e1ad58a8fd23f941a35f95ff259eaa9b3257
SSDEEP

6144:Sv2B6BePGPOud+nCHB0zaHy3bN0/Dhyi5laWM03ex:+leed+nC8l35QDUalaWMLx

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  af159f69da69a1347f4aec364d8d516a_JaffaCakes118
- Size
  
  237KB
- MD5
  
  af159f69da69a1347f4aec364d8d516a
- SHA1
  
  43cc8809c0b7047dba560bd2ed5a1b5f51413956
- SHA256
  
  02468c056a80b650117d022bf8cec92e8e5ab1d54bffc2be57c69ba75900939f
- SHA512
  
  8a619ebea6abd76e7be47eb6f8c1a315f19c5f7f8cf65388493f2069e4bd2d92e8efd477d13a98b577736ee02131e1ad58a8fd23f941a35f95ff259eaa9b3257
- SSDEEP
  
  6144:Sv2B6BePGPOud+nCHB0zaHy3bN0/Dhyi5laWM03ex:+leed+nC8l35QDUalaWMLx
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan