metasploit | e6f6f9901b9332cecf4e8e9f2e1892cc3772bf52c023bed7e7412affb313b6bd | Triage

Sharing

General

Target

b23b1cd40511840ba6008485372b3388_JaffaCakes118
Size

70KB
Sample

241129-s44ebsxphj
MD5

b23b1cd40511840ba6008485372b3388
SHA1

44bf86213a06e1b28a621ca5cd29d57334fb522e
SHA256

e6f6f9901b9332cecf4e8e9f2e1892cc3772bf52c023bed7e7412affb313b6bd
SHA512

b1865cb7fa6a2b239a1093faf56a4f3a5a3904a35f8f038c84dbca8fd4baa8675bb91e0f3ba4d2443b1d8b24b304364aa3d6907c008815f324a484ed737e306e
SSDEEP

1536:424FfURatc0A5H3A3ln4+9qV7J0+HMR64AeXu:42qrtalQF4+9kJ7sRMe+

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  b23b1cd40511840ba6008485372b3388_JaffaCakes118
- Size
  
  70KB
- MD5
  
  b23b1cd40511840ba6008485372b3388
- SHA1
  
  44bf86213a06e1b28a621ca5cd29d57334fb522e
- SHA256
  
  e6f6f9901b9332cecf4e8e9f2e1892cc3772bf52c023bed7e7412affb313b6bd
- SHA512
  
  b1865cb7fa6a2b239a1093faf56a4f3a5a3904a35f8f038c84dbca8fd4baa8675bb91e0f3ba4d2443b1d8b24b304364aa3d6907c008815f324a484ed737e306e
- SSDEEP
  
  1536:424FfURatc0A5H3A3ln4+9qV7J0+HMR64AeXu:42qrtalQF4+9kJ7sRMe+
Score

10^/10

discovery metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

metasploitbackdoordiscoverytrojan