metasploit | 11d89f2cc316afd6d1f3649c85a06ceeedf8401119ea803ead682502323c982d | Triage

Sharing

General

Target

de94984ecbcc064ef93740c55c169777_JaffaCakes118
Size

58KB
Sample

241210-1dg3eavmhn
MD5

de94984ecbcc064ef93740c55c169777
SHA1

04e84cec95067a45ce4e20bc921074ac851e57e6
SHA256

11d89f2cc316afd6d1f3649c85a06ceeedf8401119ea803ead682502323c982d
SHA512

d3f4ee0b5ea34c095e1901d70d1e40169677d9613f586965a4995d4dbbacfdcbfce6a052cce3ab9fe2584467b5ceb6f64a684114c73f2d73b971449e1aaeca11
SSDEEP

768:HY0JV7zP9lGsSRAwxmkveRJrOvMBo2e4u1a9MeIaDh+Ef8YlgTgLEl2lojubvCnT:Hzv7zCs4XgrH/iazvGT2l

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  de94984ecbcc064ef93740c55c169777_JaffaCakes118
- Size
  
  58KB
- MD5
  
  de94984ecbcc064ef93740c55c169777
- SHA1
  
  04e84cec95067a45ce4e20bc921074ac851e57e6
- SHA256
  
  11d89f2cc316afd6d1f3649c85a06ceeedf8401119ea803ead682502323c982d
- SHA512
  
  d3f4ee0b5ea34c095e1901d70d1e40169677d9613f586965a4995d4dbbacfdcbfce6a052cce3ab9fe2584467b5ceb6f64a684114c73f2d73b971449e1aaeca11
- SSDEEP
  
  768:HY0JV7zP9lGsSRAwxmkveRJrOvMBo2e4u1a9MeIaDh+Ef8YlgTgLEl2lojubvCnT:Hzv7zCs4XgrH/iazvGT2l
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Deletes itself
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan