metasploit | d95c507589d4992e764c456c5c16f9d4ec11a8e30fbbcffcab2fce5c249ba711 | Triage

Sharing

General

Target

f04963ed4a7510a7f114a8c7084b2667_JaffaCakes118
Size

16KB
Sample

241214-xzgrzstjhq
MD5

f04963ed4a7510a7f114a8c7084b2667
SHA1

daafd028bc5fa4ada7f669b415dd7f28f4d90096
SHA256

d95c507589d4992e764c456c5c16f9d4ec11a8e30fbbcffcab2fce5c249ba711
SHA512

17b4b23f216d6152bb6f58adaaafa22c269e0ab3aa7c112859f4432fb7a3fde65ecab61eac501ba394a4208ebfe0ab4bbed855cbcf9e46273de4bab519659a58
SSDEEP

192:s4ma+kGrsFCIuCXCBZrnq7F3rKlCw8vpPOoeyFoBCC4x:soGrsFrryZGxraCw8RPtJaBZG

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

172.16.0.144:4444

Targets

- Target
  
  f04963ed4a7510a7f114a8c7084b2667_JaffaCakes118
- Size
  
  16KB
- MD5
  
  f04963ed4a7510a7f114a8c7084b2667
- SHA1
  
  daafd028bc5fa4ada7f669b415dd7f28f4d90096
- SHA256
  
  d95c507589d4992e764c456c5c16f9d4ec11a8e30fbbcffcab2fce5c249ba711
- SHA512
  
  17b4b23f216d6152bb6f58adaaafa22c269e0ab3aa7c112859f4432fb7a3fde65ecab61eac501ba394a4208ebfe0ab4bbed855cbcf9e46273de4bab519659a58
- SSDEEP
  
  192:s4ma+kGrsFCIuCXCBZrnq7F3rKlCw8vpPOoeyFoBCC4x:soGrsFrryZGxraCw8RPtJaBZG
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan