metasploit | bd7d8b83f5913ce4e02a6fa29bcc4f65dc875bc9382371e1dcfaad7a66088cc1 | Triage

Sharing

General

Target

b7030fd0d6030b67bbe7df741fbc71d1_JaffaCakes118
Size

71KB
Sample

241202-f4qf9axjap
MD5

b7030fd0d6030b67bbe7df741fbc71d1
SHA1

49cbd824796d350bb78e06b97faf7c988a4dca82
SHA256

bd7d8b83f5913ce4e02a6fa29bcc4f65dc875bc9382371e1dcfaad7a66088cc1
SHA512

613d118a38c36363c91da40cfa42059707783d206570dfd76c3afec2eccbb398b6c616df76cd13b1183fdd9861d0424ae9a71144d2b338571a038a0a37cc6742
SSDEEP

1536:ZwOnbNQKLjWDyy1o5I0foMJUEbooPRrKKReFX3:rNQKPWDyDI0fFJltZrpReFX3

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

68.67.49.238:4444

Targets

- Target
  
  b7030fd0d6030b67bbe7df741fbc71d1_JaffaCakes118
- Size
  
  71KB
- MD5
  
  b7030fd0d6030b67bbe7df741fbc71d1
- SHA1
  
  49cbd824796d350bb78e06b97faf7c988a4dca82
- SHA256
  
  bd7d8b83f5913ce4e02a6fa29bcc4f65dc875bc9382371e1dcfaad7a66088cc1
- SHA512
  
  613d118a38c36363c91da40cfa42059707783d206570dfd76c3afec2eccbb398b6c616df76cd13b1183fdd9861d0424ae9a71144d2b338571a038a0a37cc6742
- SSDEEP
  
  1536:ZwOnbNQKLjWDyy1o5I0foMJUEbooPRrKKReFX3:rNQKPWDyDI0fFJltZrpReFX3
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan