metasploit | eebab36d5147c2a87ef6cb03dca876a72a6cc5a5fb7fd3b5b081163bfb2b3a2e | Triage

Sharing

General

Target

e5ac5c4d432b5a1ec4b1a2920a148abf_JaffaCakes118
Size

283KB
Sample

241212-k4d6fa1pgq
MD5

e5ac5c4d432b5a1ec4b1a2920a148abf
SHA1

eb98c6c332fc45ff5a6332f4bde69297662230d0
SHA256

eebab36d5147c2a87ef6cb03dca876a72a6cc5a5fb7fd3b5b081163bfb2b3a2e
SHA512

c0d888790f43b8f690a65f82002d6af6c212ff03737a083498926b7530dfa57e48830cd72b3a113fc3b2fdd0abdabb3cf0c8ea75da262998a6c8ad95d105e3d5
SSDEEP

3072:02ulHM8xeHFGBlZXQ8AxHCe8qKViO7OaZpOBF7mB5Kvwz3z+radXq2yBrojcCyTG:02MeMBlZXpUHLO7OGCdU8Iz3zPobd8

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  e5ac5c4d432b5a1ec4b1a2920a148abf_JaffaCakes118
- Size
  
  283KB
- MD5
  
  e5ac5c4d432b5a1ec4b1a2920a148abf
- SHA1
  
  eb98c6c332fc45ff5a6332f4bde69297662230d0
- SHA256
  
  eebab36d5147c2a87ef6cb03dca876a72a6cc5a5fb7fd3b5b081163bfb2b3a2e
- SHA512
  
  c0d888790f43b8f690a65f82002d6af6c212ff03737a083498926b7530dfa57e48830cd72b3a113fc3b2fdd0abdabb3cf0c8ea75da262998a6c8ad95d105e3d5
- SSDEEP
  
  3072:02ulHM8xeHFGBlZXQ8AxHCe8qKViO7OaZpOBF7mB5Kvwz3z+radXq2yBrojcCyTG:02MeMBlZXpUHLO7OGCdU8Iz3zPobd8
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan