metasploit | 3176bc3904a9f3b7009df28e9ed5e33c5ad8fc69f3d74ebd9d37146fc1725b81 | Triage

Analysis

max time kernel
147s
max time network
151s
platform
windows7_x64
resource
win7-20241010-en
resource tags

arch:x64arch:x86image:win7-20241010-enlocale:en-usos:windows7-x64system
submitted
13-12-2024 03:29

Sharing

Report Analysis Logs

General

Target

e9acc59612646672b8ba30c03cc74dbd_JaffaCakes118.exe
Size

5KB
MD5

e9acc59612646672b8ba30c03cc74dbd
SHA1

6eb261267df4d6497fad237f8a79f3a672ec61bb
SHA256

3176bc3904a9f3b7009df28e9ed5e33c5ad8fc69f3d74ebd9d37146fc1725b81
SHA512

8c5919ee7a379736be3513415887f3ee3fcf1647599c9588ac413e98b1aedb983886e68ea1200880ee32c0811c771f1c14e74d8573ce4128ab402aed83f3fd77
SSDEEP

48:6HvR59EQKTstU1N2BjABcxNVNMkyl1/pZ41i3bFb/5mfvCvxt9IudLG54tdtdlr5:c59EHTnLU7LAZVbFroXMpIuZv19ozNt

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

192.168.49.83:4444

Signatures

MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
trojan backdoor metasploit
Metasploit family
metasploit

C:\Users\Admin\AppData\Local\Temp\e9acc59612646672b8ba30c03cc74dbd_JaffaCakes118.exe
"C:\Users\Admin\AppData\Local\Temp\e9acc59612646672b8ba30c03cc74dbd_JaffaCakes118.exe"
1⤵
PID:2820

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/2820-0-0x000007FEF6423000-0x000007FEF6424000-memory.dmp

Filesize
4KB

Download
memory/2820-1-0x000000013F720000-0x000000013F726000-memory.dmp

Filesize
24KB

Download
memory/2820-2-0x00000000007F0000-0x00000000007F1000-memory.dmp

Filesize
4KB

Download
memory/2820-3-0x000007FEF6420000-0x000007FEF6E0C000-memory.dmp

Filesize
9.9MB

Download
memory/2820-4-0x000007FEF6423000-0x000007FEF6424000-memory.dmp

Filesize
4KB

Download
memory/2820-5-0x000007FEF6420000-0x000007FEF6E0C000-memory.dmp

Filesize
9.9MB

Download