metasploit | db184bed6c94d4ec5ba45c3c3071a1a8882a7cd68210619cf8b829dfe409e7ee | Triage

Sharing

General

Target

b4410ebd1a7f254bc88f4d6a16047c30_JaffaCakes118
Size

116KB
Sample

241130-a5f2bayraj
MD5

b4410ebd1a7f254bc88f4d6a16047c30
SHA1

3ee004a087607a0b582870b431093ebc344725b1
SHA256

db184bed6c94d4ec5ba45c3c3071a1a8882a7cd68210619cf8b829dfe409e7ee
SHA512

d8354593a4a47a177906113427432edd9606dd095d44afec82a8fdd4e3178a5ec135dfc259d6041054d36b37c42446fdf49f8110776051154da507078f494b5f
SSDEEP

3072:EZpqQJAO4yQ+Wt7iPNPvAKOhk9JzetrRqXyOnkIY+I5E:QpqQGcWlilDqtFqXNnkRx5

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  b4410ebd1a7f254bc88f4d6a16047c30_JaffaCakes118
- Size
  
  116KB
- MD5
  
  b4410ebd1a7f254bc88f4d6a16047c30
- SHA1
  
  3ee004a087607a0b582870b431093ebc344725b1
- SHA256
  
  db184bed6c94d4ec5ba45c3c3071a1a8882a7cd68210619cf8b829dfe409e7ee
- SHA512
  
  d8354593a4a47a177906113427432edd9606dd095d44afec82a8fdd4e3178a5ec135dfc259d6041054d36b37c42446fdf49f8110776051154da507078f494b5f
- SSDEEP
  
  3072:EZpqQJAO4yQ+Wt7iPNPvAKOhk9JzetrRqXyOnkIY+I5E:QpqQGcWlilDqtFqXNnkRx5
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan