metasploit | c01094ece99a297e0f6d9bf1ce1f75259727bd019609b1d48ab0fb688cfff16a | Triage

Sharing

General

Target

c87edfedef6a83fcd43be05279391d8f_JaffaCakes118
Size

66KB
Sample

241205-tptf9ayjbr
MD5

c87edfedef6a83fcd43be05279391d8f
SHA1

7b68406fecdbdc3a4ecc85eab2b4e0c3843e7825
SHA256

c01094ece99a297e0f6d9bf1ce1f75259727bd019609b1d48ab0fb688cfff16a
SHA512

7391b70c83de7e554279ad46593774511abfb3f862f3d3819874651cde86b2c28ea13207c98e3febee1355858382f062848fb0bc21458b197fd5134926439f33
SSDEEP

1536:aQD/Id/TvFLm44cwo6u6APSINKci0OeNlCMR:1gd/LJmvto6uPPJc0OylC

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  c87edfedef6a83fcd43be05279391d8f_JaffaCakes118
- Size
  
  66KB
- MD5
  
  c87edfedef6a83fcd43be05279391d8f
- SHA1
  
  7b68406fecdbdc3a4ecc85eab2b4e0c3843e7825
- SHA256
  
  c01094ece99a297e0f6d9bf1ce1f75259727bd019609b1d48ab0fb688cfff16a
- SHA512
  
  7391b70c83de7e554279ad46593774511abfb3f862f3d3819874651cde86b2c28ea13207c98e3febee1355858382f062848fb0bc21458b197fd5134926439f33
- SSDEEP
  
  1536:aQD/Id/TvFLm44cwo6u6APSINKci0OeNlCMR:1gd/LJmvto6uPPJc0OylC
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan