metasploit | dcc1a83db7431fc66893a91f77e288a28dba16548b69adf69cf164b32cbf37ae | Triage

Sharing

General

Target

d6ab12021d8197c427293268b6578c10_JaffaCakes118
Size

528KB
Sample

241208-mxmkca1ndv
MD5

d6ab12021d8197c427293268b6578c10
SHA1

524a7b04179a9685109382a757f834e8581a40f1
SHA256

dcc1a83db7431fc66893a91f77e288a28dba16548b69adf69cf164b32cbf37ae
SHA512

3a64d15ac7f5a5c7d3adfdf1d02c32a05b70e5478a0917dfad9dc4a7817c1ab953ca31b661dce104fce1ef889dbf0872cff25ea43da95319a5c3651995a3c8da
SSDEEP

6144:FLwfCQfjH6ua0KtI35g13BC3huboQ7yNXIRc9:pqvf7KUfYRa

Score

10^/10

metasploit backdoor discovery evasion trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  d6ab12021d8197c427293268b6578c10_JaffaCakes118
- Size
  
  528KB
- MD5
  
  d6ab12021d8197c427293268b6578c10
- SHA1
  
  524a7b04179a9685109382a757f834e8581a40f1
- SHA256
  
  dcc1a83db7431fc66893a91f77e288a28dba16548b69adf69cf164b32cbf37ae
- SHA512
  
  3a64d15ac7f5a5c7d3adfdf1d02c32a05b70e5478a0917dfad9dc4a7817c1ab953ca31b661dce104fce1ef889dbf0872cff25ea43da95319a5c3651995a3c8da
- SSDEEP
  
  6144:FLwfCQfjH6ua0KtI35g13BC3huboQ7yNXIRc9:pqvf7KUfYRa
Score

10^/10

metasploit backdoor discovery evasion trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Modifies firewall policy service
  evasion
- Modifies security service
  evasion
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Disable or Modify System Firewall

Modify Registry

Credential Access

Discovery

Network Share Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoveryevasiontrojan

behavioral2

metasploitbackdoordiscoveryevasiontrojan