metasploit | c4cd98b1d4e3de5d03ed4fd0c63a04650a3331b4c0f1ea499ccc72760238a1bb | Triage

Sharing

General

Target

e5e60798850962eb22f705a6313b0d84_JaffaCakes118
Size

112KB
Sample

241212-l9c11a1jgt
MD5

e5e60798850962eb22f705a6313b0d84
SHA1

bb91020bdb439ad417c1d6db34af9e73df975cc8
SHA256

c4cd98b1d4e3de5d03ed4fd0c63a04650a3331b4c0f1ea499ccc72760238a1bb
SHA512

f2015a79d1a3757edfe6fe2552b0f8bcdbaaef9a456cc4ce64919e55ae41c1fb0f6293a9baa50b3dd7d7ba7315cdc5528be840d9ab2985b29d182a0a8b1c2484
SSDEEP

1536:eGhn7cCyt3xq4I9bpg4yJZP8K7YyXB1IvjR/ebAxkyZO2HYWqhpOocK:eS73sENg48UJyR1Ivj1kqNqhxl

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  e5e60798850962eb22f705a6313b0d84_JaffaCakes118
- Size
  
  112KB
- MD5
  
  e5e60798850962eb22f705a6313b0d84
- SHA1
  
  bb91020bdb439ad417c1d6db34af9e73df975cc8
- SHA256
  
  c4cd98b1d4e3de5d03ed4fd0c63a04650a3331b4c0f1ea499ccc72760238a1bb
- SHA512
  
  f2015a79d1a3757edfe6fe2552b0f8bcdbaaef9a456cc4ce64919e55ae41c1fb0f6293a9baa50b3dd7d7ba7315cdc5528be840d9ab2985b29d182a0a8b1c2484
- SSDEEP
  
  1536:eGhn7cCyt3xq4I9bpg4yJZP8K7YyXB1IvjR/ebAxkyZO2HYWqhpOocK:eS73sENg48UJyR1Ivj1kqNqhxl
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan