metasploit | b0ab39bffc7f8c8c7342788d12d7fcf09d8841ee06ec4b4217bd741267c7c1a4 | Triage

Sharing

General

Target

c203198452d203dcefbfa8a7b1b5daad_JaffaCakes118
Size

60KB
Sample

241204-lz42qsxlhp
MD5

c203198452d203dcefbfa8a7b1b5daad
SHA1

57796a531dd1044e5ab96e1c02277060677d4f77
SHA256

b0ab39bffc7f8c8c7342788d12d7fcf09d8841ee06ec4b4217bd741267c7c1a4
SHA512

244a9fa0e4f6cb943fa74d41cec31a6bee212490d732881211f8f44bfb2aa432107bc3fa39b275cadc83ba139a0ee5730bcc6944b7b83cd44fb124b8285937ba
SSDEEP

768:SxzbtryjTD0xD3dZHy9msLJXWPxPnJ1BIOrnToIf1ZU+PxnC1w6udvE1:WtKTwxBZS9rdX2J1BIOrnToIffTd0

Score

10^/10

metasploit discovery

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

189.163.206.190:5555

Targets

- Target
  
  c203198452d203dcefbfa8a7b1b5daad_JaffaCakes118
- Size
  
  60KB
- MD5
  
  c203198452d203dcefbfa8a7b1b5daad
- SHA1
  
  57796a531dd1044e5ab96e1c02277060677d4f77
- SHA256
  
  b0ab39bffc7f8c8c7342788d12d7fcf09d8841ee06ec4b4217bd741267c7c1a4
- SHA512
  
  244a9fa0e4f6cb943fa74d41cec31a6bee212490d732881211f8f44bfb2aa432107bc3fa39b275cadc83ba139a0ee5730bcc6944b7b83cd44fb124b8285937ba
- SSDEEP
  
  768:SxzbtryjTD0xD3dZHy9msLJXWPxPnJ1BIOrnToIf1ZU+PxnC1w6udvE1:WtKTwxBZS9rdX2J1BIOrnToIffTd0
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2