metasploit | fc2e842ceded11ee14f28f97c939bd3ae88c76229d925911e254be9d932fa4db | Triage

Sharing

General

Target

e1cc040223663562e83dea1279b829ca_JaffaCakes118
Size

472KB
Sample

241211-rdjrkazmfk
MD5

e1cc040223663562e83dea1279b829ca
SHA1

6091f144bc7b78374323f38a991d326aca887390
SHA256

fc2e842ceded11ee14f28f97c939bd3ae88c76229d925911e254be9d932fa4db
SHA512

a3fe9e3434d8bccadb384d9433d406fa73ed3a5bf634ba7115c32003e68b6dda81d79b876281a2c752b52da524d487a49717d9d11bab0941c6d20c9c200dcbd0
SSDEEP

12288:CW0mYCeiqDLYI1W/re5IFz3rV7FiTO9StnsBW+jnV6I:QzCD1I1WDq4rV7FiTvnsMwV6

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.25.180:8080

Targets

- Target
  
  e1cc040223663562e83dea1279b829ca_JaffaCakes118
- Size
  
  472KB
- MD5
  
  e1cc040223663562e83dea1279b829ca
- SHA1
  
  6091f144bc7b78374323f38a991d326aca887390
- SHA256
  
  fc2e842ceded11ee14f28f97c939bd3ae88c76229d925911e254be9d932fa4db
- SHA512
  
  a3fe9e3434d8bccadb384d9433d406fa73ed3a5bf634ba7115c32003e68b6dda81d79b876281a2c752b52da524d487a49717d9d11bab0941c6d20c9c200dcbd0
- SSDEEP
  
  12288:CW0mYCeiqDLYI1W/re5IFz3rV7FiTO9StnsBW+jnV6I:QzCD1I1WDq4rV7FiTvnsMwV6
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan