metasploit | e1d6dfdba37119d5b531b28046c1193acac70296a78b7941a5bc7070ea44c589 | Triage

Sharing

General

Target

d9854608a6a5baeb996928e8693055b4_JaffaCakes118
Size

37KB
Sample

241209-n69lxa1ndq
MD5

d9854608a6a5baeb996928e8693055b4
SHA1

8554c7bf40abb3378f9f795c7b6d45fc9cc7ab4e
SHA256

e1d6dfdba37119d5b531b28046c1193acac70296a78b7941a5bc7070ea44c589
SHA512

218a53fb5c0d3a84d0fe2279a487252753be7609c5997302ba5a92c63b0ab986da6a233283427e06236efbe4bb5298fe2c263d037ae8c41f18672044375e08d3
SSDEEP

768:IVAw43j2A4CUIUo3jYALXqn1NPM8KXb6lRZ95x:qP43Uw/DUXPMnsh5x

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.5.6:1989

Targets

- Target
  
  d9854608a6a5baeb996928e8693055b4_JaffaCakes118
- Size
  
  37KB
- MD5
  
  d9854608a6a5baeb996928e8693055b4
- SHA1
  
  8554c7bf40abb3378f9f795c7b6d45fc9cc7ab4e
- SHA256
  
  e1d6dfdba37119d5b531b28046c1193acac70296a78b7941a5bc7070ea44c589
- SHA512
  
  218a53fb5c0d3a84d0fe2279a487252753be7609c5997302ba5a92c63b0ab986da6a233283427e06236efbe4bb5298fe2c263d037ae8c41f18672044375e08d3
- SSDEEP
  
  768:IVAw43j2A4CUIUo3jYALXqn1NPM8KXb6lRZ95x:qP43Uw/DUXPMnsh5x
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan