metasploit | 80318b95cfeffd8fd9c55981e13eee82801f4403f88771d87a39125654d1db59 | Triage

Sharing

General

Target

e4f374e8d01d78046bc7f80cded7cbbf_JaffaCakes118
Size

4KB
Sample

241212-gdrgaswqhp
MD5

e4f374e8d01d78046bc7f80cded7cbbf
SHA1

2f0373c7fc46733023952472da999e261fc1f352
SHA256

80318b95cfeffd8fd9c55981e13eee82801f4403f88771d87a39125654d1db59
SHA512

0cb75b5d8dda771188830559c38128b73a60961126b18cfa8f8b7a7696925285d98c7ae4db606b72e5b301a8fead38c49d17939c43862fc4f86da62b9125b2a1
SSDEEP

48:6+iCxqfiPEVCOIAssFlkOxaG0iZJ/UfWyK8FPF6TR3UnvV7y8ZZDHxp4VBA:PFqqPE7IAHrQWyNr6TRqvV/7bD4Vm

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://192.168.1.5:8080/GwWG

Targets

- Target
  
  e4f374e8d01d78046bc7f80cded7cbbf_JaffaCakes118
- Size
  
  4KB
- MD5
  
  e4f374e8d01d78046bc7f80cded7cbbf
- SHA1
  
  2f0373c7fc46733023952472da999e261fc1f352
- SHA256
  
  80318b95cfeffd8fd9c55981e13eee82801f4403f88771d87a39125654d1db59
- SHA512
  
  0cb75b5d8dda771188830559c38128b73a60961126b18cfa8f8b7a7696925285d98c7ae4db606b72e5b301a8fead38c49d17939c43862fc4f86da62b9125b2a1
- SSDEEP
  
  48:6+iCxqfiPEVCOIAssFlkOxaG0iZJ/UfWyK8FPF6TR3UnvV7y8ZZDHxp4VBA:PFqqPE7IAHrQWyNr6TRqvV/7bD4Vm
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan