metasploit | 09a86ae227898e5193ff0b6ce5b69a264ae172018b84bda1f7f2b7f178c1d080 | Triage

Sharing

General

Target

f176a160ef615d6a7b2fd43bd4394107_JaffaCakes118
Size

105KB
Sample

241215-aw9l9sypcv
MD5

f176a160ef615d6a7b2fd43bd4394107
SHA1

41c25402f03189d08f6a38c3036ee77addc59e02
SHA256

09a86ae227898e5193ff0b6ce5b69a264ae172018b84bda1f7f2b7f178c1d080
SHA512

b957795258af71352dfb2cc32e92723266b367d7b2023de8b6914ad9285695a8666ffb79e2f2d2dcedc780253e332ce3f4bfb14ec578490910a3e8a8e0210dc5
SSDEEP

3072:Mb6aHPq9QsKUBK0GaO4s6/pyu17Ys56zdD8:eaQsKYKLaRs6/Qs0e

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  f176a160ef615d6a7b2fd43bd4394107_JaffaCakes118
- Size
  
  105KB
- MD5
  
  f176a160ef615d6a7b2fd43bd4394107
- SHA1
  
  41c25402f03189d08f6a38c3036ee77addc59e02
- SHA256
  
  09a86ae227898e5193ff0b6ce5b69a264ae172018b84bda1f7f2b7f178c1d080
- SHA512
  
  b957795258af71352dfb2cc32e92723266b367d7b2023de8b6914ad9285695a8666ffb79e2f2d2dcedc780253e332ce3f4bfb14ec578490910a3e8a8e0210dc5
- SSDEEP
  
  3072:Mb6aHPq9QsKUBK0GaO4s6/pyu17Ys56zdD8:eaQsKYKLaRs6/Qs0e
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan