metasploit | bb3f0a5290513a7fb6a4b28cb58b5e11325b5975ffadaf95c8ec25a2dbc3b3ba | Triage

Sharing

General

Target

bbb7109d527c4a92cff8dca9414aa745_JaffaCakes118
Size

72KB
Sample

241203-e444zazpcz
MD5

bbb7109d527c4a92cff8dca9414aa745
SHA1

333fc3b4a04fee1d753e3bae42690a133161695c
SHA256

bb3f0a5290513a7fb6a4b28cb58b5e11325b5975ffadaf95c8ec25a2dbc3b3ba
SHA512

45d2751fe3f73d26e1a0c1cf3249a96dcae9c15fc4128661652b2618e3af467727fbdf898a3653d576864cb31218304e2ea4976ddf6c08faf9177f9296bcee50
SSDEEP

1536:IhgCZSmpHZFI6BagoALcAYbMb+KR0Nc8QsJq39:FCZSOFjnnLcAYbe0Nc8QsC9

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.199.130:4444

Targets

- Target
  
  bbb7109d527c4a92cff8dca9414aa745_JaffaCakes118
- Size
  
  72KB
- MD5
  
  bbb7109d527c4a92cff8dca9414aa745
- SHA1
  
  333fc3b4a04fee1d753e3bae42690a133161695c
- SHA256
  
  bb3f0a5290513a7fb6a4b28cb58b5e11325b5975ffadaf95c8ec25a2dbc3b3ba
- SHA512
  
  45d2751fe3f73d26e1a0c1cf3249a96dcae9c15fc4128661652b2618e3af467727fbdf898a3653d576864cb31218304e2ea4976ddf6c08faf9177f9296bcee50
- SSDEEP
  
  1536:IhgCZSmpHZFI6BagoALcAYbMb+KR0Nc8QsJq39:FCZSOFjnnLcAYbe0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan