metasploit | 1dc9c48bf3d24fee41a840160df4b11c3167c76bf9e8e789acd39e4397efc897 | Triage

Sharing

General

Target

e9e01f4763c5d3e06299c83b1b211d51_JaffaCakes118
Size

101KB
Sample

241213-e1l4zszncr
MD5

e9e01f4763c5d3e06299c83b1b211d51
SHA1

43baa867e2eb54c54b2d90fd7561250f454e8397
SHA256

1dc9c48bf3d24fee41a840160df4b11c3167c76bf9e8e789acd39e4397efc897
SHA512

974499f8b92d9edbe9e10934492bee407d37b43bd53050a1f702929d4042e45c8c144291d31ec9e649f4846d3775043f8f81890275d32de2425495dc3cda8517
SSDEEP

1536:LZpo1Tmc7u3Wu57DZU4Iozi8ONkg1ciMn60ZWSv40SEK85o9:LZpocc8i/oziprMFZW9d

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  e9e01f4763c5d3e06299c83b1b211d51_JaffaCakes118
- Size
  
  101KB
- MD5
  
  e9e01f4763c5d3e06299c83b1b211d51
- SHA1
  
  43baa867e2eb54c54b2d90fd7561250f454e8397
- SHA256
  
  1dc9c48bf3d24fee41a840160df4b11c3167c76bf9e8e789acd39e4397efc897
- SHA512
  
  974499f8b92d9edbe9e10934492bee407d37b43bd53050a1f702929d4042e45c8c144291d31ec9e649f4846d3775043f8f81890275d32de2425495dc3cda8517
- SSDEEP
  
  1536:LZpo1Tmc7u3Wu57DZU4Iozi8ONkg1ciMn60ZWSv40SEK85o9:LZpocc8i/oziprMFZW9d
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2