metasploit | 73dfd1953f8883be403c34dc77ba73e2914fe8d9f73d4f29f872b1bb29eb6d7d | Triage

Sharing

General

Target

c655d932bb0b8b8e007eee907d5be4d2_JaffaCakes118
Size

60KB
Sample

241205-g5zlzssmex
MD5

c655d932bb0b8b8e007eee907d5be4d2
SHA1

43b780e2d636365cf5a590f24e4b9c8d615c2e81
SHA256

73dfd1953f8883be403c34dc77ba73e2914fe8d9f73d4f29f872b1bb29eb6d7d
SHA512

e9fab2e501c3722a1a84621cdbbaa2119a7594a30cc3093ef3553611760fd84cf6df71eaf43d1e39c8fd58a1da43b9fccb24e5abb3c1d662bb74023fee02481f
SSDEEP

1536:iBtQqmmkgGg7TjTK/h8DHZto58slDdADGRMlu:iBGqmkGgv3K/h8DHZc8+dZMlu

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.170.0.120:4444

Targets

- Target
  
  c655d932bb0b8b8e007eee907d5be4d2_JaffaCakes118
- Size
  
  60KB
- MD5
  
  c655d932bb0b8b8e007eee907d5be4d2
- SHA1
  
  43b780e2d636365cf5a590f24e4b9c8d615c2e81
- SHA256
  
  73dfd1953f8883be403c34dc77ba73e2914fe8d9f73d4f29f872b1bb29eb6d7d
- SHA512
  
  e9fab2e501c3722a1a84621cdbbaa2119a7594a30cc3093ef3553611760fd84cf6df71eaf43d1e39c8fd58a1da43b9fccb24e5abb3c1d662bb74023fee02481f
- SSDEEP
  
  1536:iBtQqmmkgGg7TjTK/h8DHZto58slDdADGRMlu:iBGqmkGgv3K/h8DHZc8+dZMlu
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan