metasploit | baf614ab4b70a17dc00f7e69e68be1b4cd8590b05b61a9b7481c3b0d956ae2df | Triage

Sharing

General

Target

bbe98ac21347b595ca0a341da25b66d3_JaffaCakes118
Size

72KB
Sample

241203-f44nwasjdv
MD5

bbe98ac21347b595ca0a341da25b66d3
SHA1

03d59c3f9f2d05d85705ef78f22aebd4859755df
SHA256

baf614ab4b70a17dc00f7e69e68be1b4cd8590b05b61a9b7481c3b0d956ae2df
SHA512

0620fa70e34ca22f77c4b25babb5fce31e556a891140df437e84549a8433d5133639d6a1b040c90eef430f7c871f9921211f9224d6a84b3eb8dc7af78fd26fc5
SSDEEP

1536:IFXL2HNtNAI1IAAT1AA/yZuZ/Lu0ejryNMb+KR0Nc8QsJq39:MbWUwjAhpy8ZzpxNe0Nc8QsC9

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

92.253.102.95:4444

Targets

- Target
  
  bbe98ac21347b595ca0a341da25b66d3_JaffaCakes118
- Size
  
  72KB
- MD5
  
  bbe98ac21347b595ca0a341da25b66d3
- SHA1
  
  03d59c3f9f2d05d85705ef78f22aebd4859755df
- SHA256
  
  baf614ab4b70a17dc00f7e69e68be1b4cd8590b05b61a9b7481c3b0d956ae2df
- SHA512
  
  0620fa70e34ca22f77c4b25babb5fce31e556a891140df437e84549a8433d5133639d6a1b040c90eef430f7c871f9921211f9224d6a84b3eb8dc7af78fd26fc5
- SSDEEP
  
  1536:IFXL2HNtNAI1IAAT1AA/yZuZ/Lu0ejryNMb+KR0Nc8QsJq39:MbWUwjAhpy8ZzpxNe0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan