metasploit | eb168aaf39c4926770e387f1b34bda57823b6afe7a26779856bf9391573b2a37 | Triage

Sharing

General

Target

e5d0650411b0b4c0e5989d62895a35af_JaffaCakes118
Size

377KB
Sample

241212-ltc13aznf1
MD5

e5d0650411b0b4c0e5989d62895a35af
SHA1

0307a3a8827743c27079b3db4abb541126564cd9
SHA256

eb168aaf39c4926770e387f1b34bda57823b6afe7a26779856bf9391573b2a37
SHA512

10666e2fc8739c7fc6e1d0e6b6ddf63780f8ce823d946f1d8727a126c8741fec676a233c6f12aaef2bfec64260f6aeb92418640ac924a39a1f7579bbe749dadd
SSDEEP

6144:reVaO/iUJ4BrbvBJfK4PVCX23mGBWuMFvYoc9dRT+GDNmMzuMs6Cyv3kgg:reVT/iUJ45bvregmZ/Fgoc9bLX643

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  e5d0650411b0b4c0e5989d62895a35af_JaffaCakes118
- Size
  
  377KB
- MD5
  
  e5d0650411b0b4c0e5989d62895a35af
- SHA1
  
  0307a3a8827743c27079b3db4abb541126564cd9
- SHA256
  
  eb168aaf39c4926770e387f1b34bda57823b6afe7a26779856bf9391573b2a37
- SHA512
  
  10666e2fc8739c7fc6e1d0e6b6ddf63780f8ce823d946f1d8727a126c8741fec676a233c6f12aaef2bfec64260f6aeb92418640ac924a39a1f7579bbe749dadd
- SSDEEP
  
  6144:reVaO/iUJ4BrbvBJfK4PVCX23mGBWuMFvYoc9dRT+GDNmMzuMs6Cyv3kgg:reVT/iUJ45bvregmZ/Fgoc9bLX643
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan