metasploit | b604eecbb89136b0a1ee0853357995e85a144475a211069baf60bd8a439b1929 | Triage

Sharing

General

Target

b0c53ac0bf5c41dc788d248a280bf769_JaffaCakes118
Size

123KB
Sample

241129-myjvvawneq
MD5

b0c53ac0bf5c41dc788d248a280bf769
SHA1

7990b713953d43f2108dcb1dd30b9958e814ad62
SHA256

b604eecbb89136b0a1ee0853357995e85a144475a211069baf60bd8a439b1929
SHA512

5d9f26e912686ddfd781ac3014f9ba1df817500fbde32cc4f4cce84621ea1138729d4b98b56b5e6df2dfecd5faf2c6b92da51cb5e2fad13b27ace0f97e4640f3
SSDEEP

1536:i5sc375Ab4EBanICQFuIiyd6gWHpkeaPRAER:ip5wfCQF92HpkeWp

Score

10^/10

metasploit backdoor discovery evasion trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  b0c53ac0bf5c41dc788d248a280bf769_JaffaCakes118
- Size
  
  123KB
- MD5
  
  b0c53ac0bf5c41dc788d248a280bf769
- SHA1
  
  7990b713953d43f2108dcb1dd30b9958e814ad62
- SHA256
  
  b604eecbb89136b0a1ee0853357995e85a144475a211069baf60bd8a439b1929
- SHA512
  
  5d9f26e912686ddfd781ac3014f9ba1df817500fbde32cc4f4cce84621ea1138729d4b98b56b5e6df2dfecd5faf2c6b92da51cb5e2fad13b27ace0f97e4640f3
- SSDEEP
  
  1536:i5sc375Ab4EBanICQFuIiyd6gWHpkeaPRAER:ip5wfCQF92HpkeWp
Score

10^/10

metasploit backdoor discovery evasion trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Modifies firewall policy service
  evasion
- Modifies security service
  evasion
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Network Share Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoveryevasiontrojan

behavioral2

metasploitbackdoordiscoveryevasiontrojan