metasploit | e3f01d5106cdf16a14ce00ff68975cd4e347ab8083969b212a711168e1ed8cec | Triage

Sharing

General

Target

c2d4423fc753b477ce95cbcccbde79e6_JaffaCakes118
Size

97KB
Sample

241204-q566hasmgq
MD5

c2d4423fc753b477ce95cbcccbde79e6
SHA1

0d82e15dc662a11ffbdb4e9faa126bc67ce28feb
SHA256

e3f01d5106cdf16a14ce00ff68975cd4e347ab8083969b212a711168e1ed8cec
SHA512

904c8af432bc1503aea610808ea1af45e14a693e00df932823da08edb38f38e36703ce919ea75ec458eef6128eb422443ab50d064b8f2947903792ae62bc6f9d
SSDEEP

1536:cNDDAABn5JE3DMHwxmvLhxM8HeLXfVOZDV4bNNwrbjtzx+aiS7WWwvg:ksABnkYWmkZLymSvBx+aiSN

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.1.3:4444

Targets

- Target
  
  c2d4423fc753b477ce95cbcccbde79e6_JaffaCakes118
- Size
  
  97KB
- MD5
  
  c2d4423fc753b477ce95cbcccbde79e6
- SHA1
  
  0d82e15dc662a11ffbdb4e9faa126bc67ce28feb
- SHA256
  
  e3f01d5106cdf16a14ce00ff68975cd4e347ab8083969b212a711168e1ed8cec
- SHA512
  
  904c8af432bc1503aea610808ea1af45e14a693e00df932823da08edb38f38e36703ce919ea75ec458eef6128eb422443ab50d064b8f2947903792ae62bc6f9d
- SSDEEP
  
  1536:cNDDAABn5JE3DMHwxmvLhxM8HeLXfVOZDV4bNNwrbjtzx+aiS7WWwvg:ksABnkYWmkZLymSvBx+aiSN
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

metasploitbackdoordiscoverytrojan