metasploit | e3b841147ca54c4dd61940fbbbbb9894d28a70a576f0c3f793dd9c70e5d22fe5 | Triage

Sharing

General

Target

d3ad4c380b0ddb12a8c5c257b2711d8c_JaffaCakes118
Size

151KB
Sample

241207-z8pkastrfx
MD5

d3ad4c380b0ddb12a8c5c257b2711d8c
SHA1

e93ec344f3438f9f2ce2bf42525b8c7dbab12b17
SHA256

e3b841147ca54c4dd61940fbbbbb9894d28a70a576f0c3f793dd9c70e5d22fe5
SHA512

bee59270e5af3ec6c5c64ee2228508be1d113a825ea1e750ef54a9202286b7ed873eafdc1165c83bca7ce0852e1bcf8bd356006e0a5fea1d2dd3849209df467d
SSDEEP

3072:2Eikpfs097Q/3qH6SD+npZxLG3Wv95HL2ezm7CPSoORUmN0k+4zPN8aRM1+8M+G+:2Eik197mVNG3G9107CPm7+4zV8B+8M4T

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  d3ad4c380b0ddb12a8c5c257b2711d8c_JaffaCakes118
- Size
  
  151KB
- MD5
  
  d3ad4c380b0ddb12a8c5c257b2711d8c
- SHA1
  
  e93ec344f3438f9f2ce2bf42525b8c7dbab12b17
- SHA256
  
  e3b841147ca54c4dd61940fbbbbb9894d28a70a576f0c3f793dd9c70e5d22fe5
- SHA512
  
  bee59270e5af3ec6c5c64ee2228508be1d113a825ea1e750ef54a9202286b7ed873eafdc1165c83bca7ce0852e1bcf8bd356006e0a5fea1d2dd3849209df467d
- SSDEEP
  
  3072:2Eikpfs097Q/3qH6SD+npZxLG3Wv95HL2ezm7CPSoORUmN0k+4zPN8aRM1+8M+G+:2Eik197mVNG3G9107CPm7+4zV8B+8M4T
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan