metasploit | 2e23ed0d7f505401da9928cd481478fe72a751a99fbf46d7abfe92f032a407de | Triage

Sharing

General

Target

f150fb7c56ae8edefd0a81539d661c4f_JaffaCakes118
Size

286KB
Sample

241214-3yaj6sxrfx
MD5

f150fb7c56ae8edefd0a81539d661c4f
SHA1

c1c364da21f8b532cc52b2f7abc4d4099fa09938
SHA256

2e23ed0d7f505401da9928cd481478fe72a751a99fbf46d7abfe92f032a407de
SHA512

95aa74b0c886dd146c42313abb3a285d25eb1e0c3c6c3141a8feaf979e9ffa2a79588260f6fb6598a9ca442aba90620b1ae87f5d1f18c77a8f99773e53934a59
SSDEEP

3072:l2ulHM8xeHFGBlZXQ8AxHCe8qKViO7OaZpOBF7mB5Kvwz3z+radXg2yBrojcCyTG:l2MeMBlZXpUHLO7OGCdU8Iz3z5obd8

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  f150fb7c56ae8edefd0a81539d661c4f_JaffaCakes118
- Size
  
  286KB
- MD5
  
  f150fb7c56ae8edefd0a81539d661c4f
- SHA1
  
  c1c364da21f8b532cc52b2f7abc4d4099fa09938
- SHA256
  
  2e23ed0d7f505401da9928cd481478fe72a751a99fbf46d7abfe92f032a407de
- SHA512
  
  95aa74b0c886dd146c42313abb3a285d25eb1e0c3c6c3141a8feaf979e9ffa2a79588260f6fb6598a9ca442aba90620b1ae87f5d1f18c77a8f99773e53934a59
- SSDEEP
  
  3072:l2ulHM8xeHFGBlZXQ8AxHCe8qKViO7OaZpOBF7mB5Kvwz3z+radXg2yBrojcCyTG:l2MeMBlZXpUHLO7OGCdU8Iz3z5obd8
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan