metasploit | 989331caf8c55a9fc07e714b10ec341059fd2ff81f167176c76630adfc6879ec | Triage

Sharing

General

Target

d152f795831e14c8b3dac6492e7b86b8_JaffaCakes118
Size

121KB
Sample

241207-jhjclaylcq
MD5

d152f795831e14c8b3dac6492e7b86b8
SHA1

9abf705d8de2bbadaad787346dd45015bc7a1c6d
SHA256

989331caf8c55a9fc07e714b10ec341059fd2ff81f167176c76630adfc6879ec
SHA512

91b4b71c5f9a9700154a87047a8dd5cde2dd6dd4b435dc4723ec296bfa077ea462166ad16d6c2c1743643805a3e2d411c90d41f4001bf8188a94e8f610d9ba17
SSDEEP

1536:/NepKVjBSOfo6RfbSkbH/xBe45waqQ3P1CzclX6WwngvQrzuGOiNvOg:lepYdfoyS+99jkzU6RC4zFOiNGg

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  d152f795831e14c8b3dac6492e7b86b8_JaffaCakes118
- Size
  
  121KB
- MD5
  
  d152f795831e14c8b3dac6492e7b86b8
- SHA1
  
  9abf705d8de2bbadaad787346dd45015bc7a1c6d
- SHA256
  
  989331caf8c55a9fc07e714b10ec341059fd2ff81f167176c76630adfc6879ec
- SHA512
  
  91b4b71c5f9a9700154a87047a8dd5cde2dd6dd4b435dc4723ec296bfa077ea462166ad16d6c2c1743643805a3e2d411c90d41f4001bf8188a94e8f610d9ba17
- SSDEEP
  
  1536:/NepKVjBSOfo6RfbSkbH/xBe45waqQ3P1CzclX6WwngvQrzuGOiNvOg:lepYdfoyS+99jkzU6RC4zFOiNGg
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan