metasploit | 694a88405285225c5fe27a6fcc6e13fc1f375a3c33cc20fa0dc000705233d13e | Triage

Sharing

General

Target

c5cc7291d72adfc96a489fc93d35a0cd_JaffaCakes118
Size

47KB
Sample

241205-ej56jaxpgy
MD5

c5cc7291d72adfc96a489fc93d35a0cd
SHA1

32b868012ff11ce6a26ddc1277f885dfe6b84f5e
SHA256

694a88405285225c5fe27a6fcc6e13fc1f375a3c33cc20fa0dc000705233d13e
SHA512

df04417b7f8200194fb9892ee7d4fb3618addd48e3ee5b5a99ad75cf7fe77425c7c7732f4ed8fa02ab2a910ed32e1312310f285bfb08cbfad4bac952a1bacace
SSDEEP

768:P9rJkd7oPZdDlO8h1QMnqZ76nT6TawvXtrlW+gjuLx7x8B4AE+L:3kRmhln1hqeTQM+gjuIE+L

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  c5cc7291d72adfc96a489fc93d35a0cd_JaffaCakes118
- Size
  
  47KB
- MD5
  
  c5cc7291d72adfc96a489fc93d35a0cd
- SHA1
  
  32b868012ff11ce6a26ddc1277f885dfe6b84f5e
- SHA256
  
  694a88405285225c5fe27a6fcc6e13fc1f375a3c33cc20fa0dc000705233d13e
- SHA512
  
  df04417b7f8200194fb9892ee7d4fb3618addd48e3ee5b5a99ad75cf7fe77425c7c7732f4ed8fa02ab2a910ed32e1312310f285bfb08cbfad4bac952a1bacace
- SSDEEP
  
  768:P9rJkd7oPZdDlO8h1QMnqZ76nT6TawvXtrlW+gjuLx7x8B4AE+L:3kRmhln1hqeTQM+gjuIE+L
Score

10^/10

discovery metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

metasploitbackdoordiscoverytrojan