metasploit | 17067ba210405deffe2188b99c48f8ec0a9940431f84eb1064dcc05ca31c34d7 | Triage

Sharing

General

Target

dabcdf0eb3ae427c2d8f19d0bbc36b7f_JaffaCakes118
Size

10KB
Sample

241209-v3c7vsvpfs
MD5

dabcdf0eb3ae427c2d8f19d0bbc36b7f
SHA1

400ab9647aa41c935b0c1ee4e93fc76001091bd0
SHA256

17067ba210405deffe2188b99c48f8ec0a9940431f84eb1064dcc05ca31c34d7
SHA512

1b3f4346aae4e73085e4a091bf9accf873cca9e3c5ea95708e56c562e7fe6203809d82a6bcb236777536245d312f7c50cc86a7b7683fa3901b6f93c19b6c7d53
SSDEEP

96:vqAHYOIjiNsP9bAQQQmFvRHm86NVomt1pXK04DT1FvBbKMrT+Hmg1GJ9CecEBmQP:yAHYxbVaiVoUsNJFvBbKSPCZ0f33

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

69.117.168.21:443

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  dabcdf0eb3ae427c2d8f19d0bbc36b7f_JaffaCakes118
- Size
  
  10KB
- MD5
  
  dabcdf0eb3ae427c2d8f19d0bbc36b7f
- SHA1
  
  400ab9647aa41c935b0c1ee4e93fc76001091bd0
- SHA256
  
  17067ba210405deffe2188b99c48f8ec0a9940431f84eb1064dcc05ca31c34d7
- SHA512
  
  1b3f4346aae4e73085e4a091bf9accf873cca9e3c5ea95708e56c562e7fe6203809d82a6bcb236777536245d312f7c50cc86a7b7683fa3901b6f93c19b6c7d53
- SSDEEP
  
  96:vqAHYOIjiNsP9bAQQQmFvRHm86NVomt1pXK04DT1FvBbKMrT+Hmg1GJ9CecEBmQP:yAHYxbVaiVoUsNJFvBbKSPCZ0f33
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan