metasploit | b97acb2c91d4fa7b72552ff347e209636213de1ca21445a2e4f3873a2a8f8f71 | Triage

Sharing

General

Target

b1200d7f5023ad16ad05ab836b04714f_JaffaCakes118
Size

4KB
Sample

241129-n91s6strfz
MD5

b1200d7f5023ad16ad05ab836b04714f
SHA1

4146fd7ef25735e2f9299a876796d4ec66958c8b
SHA256

b97acb2c91d4fa7b72552ff347e209636213de1ca21445a2e4f3873a2a8f8f71
SHA512

ec8051e21b152f30673de6486af94044d4eac07c7ce60852e3468ffa241f7b97af4b29557fe898f017e8c0b8941229e3c3f6e1d517a0301dc349152f84455b44
SSDEEP

96:adJd+MI1fCtNdfeOipmRVDzFM7HV0Klxp:y+Mfflfi0RVDB61Lxp

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

86.144.182.14:4444

Targets

- Target
  
  b1200d7f5023ad16ad05ab836b04714f_JaffaCakes118
- Size
  
  4KB
- MD5
  
  b1200d7f5023ad16ad05ab836b04714f
- SHA1
  
  4146fd7ef25735e2f9299a876796d4ec66958c8b
- SHA256
  
  b97acb2c91d4fa7b72552ff347e209636213de1ca21445a2e4f3873a2a8f8f71
- SHA512
  
  ec8051e21b152f30673de6486af94044d4eac07c7ce60852e3468ffa241f7b97af4b29557fe898f017e8c0b8941229e3c3f6e1d517a0301dc349152f84455b44
- SSDEEP
  
  96:adJd+MI1fCtNdfeOipmRVDzFM7HV0Klxp:y+Mfflfi0RVDB61Lxp
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan