metasploit | c6573d4870548a7eb238213ded5c3b5b8b7944cfcc54d4c1b59a3d56d764fd5f | Triage

Sharing

General

Target

d5ea005b7f5a45f0b83fd1d43b7a5acc_JaffaCakes118
Size

92KB
Sample

241208-jbqhbsxkh1
MD5

d5ea005b7f5a45f0b83fd1d43b7a5acc
SHA1

42bed10f16715f6740d3b23139a644191c943daa
SHA256

c6573d4870548a7eb238213ded5c3b5b8b7944cfcc54d4c1b59a3d56d764fd5f
SHA512

7c4f57a39cd958537bccb2400992bbb167e766df2e7fa91433c87a475a9d0f57551c6765d75caac6202502202e7be5dfdf2dd377a220c5fa55da1038e3518dae
SSDEEP

1536:QR5JvcSGJXUGRwbEEwtAe4fLlfmc/AakO2O3aa0oIRaHc6n:QRsSGJZUE1iLlOcATxO3axow+Tn

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

201.87.145.136:9034

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Targets

- Target
  
  d5ea005b7f5a45f0b83fd1d43b7a5acc_JaffaCakes118
- Size
  
  92KB
- MD5
  
  d5ea005b7f5a45f0b83fd1d43b7a5acc
- SHA1
  
  42bed10f16715f6740d3b23139a644191c943daa
- SHA256
  
  c6573d4870548a7eb238213ded5c3b5b8b7944cfcc54d4c1b59a3d56d764fd5f
- SHA512
  
  7c4f57a39cd958537bccb2400992bbb167e766df2e7fa91433c87a475a9d0f57551c6765d75caac6202502202e7be5dfdf2dd377a220c5fa55da1038e3518dae
- SSDEEP
  
  1536:QR5JvcSGJXUGRwbEEwtAe4fLlfmc/AakO2O3aa0oIRaHc6n:QRsSGJZUE1iLlOcATxO3axow+Tn
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan