metasploit | 58fa7103a6da18ad8039c901c10af971627efdfb77a27f55a950aa37f4d04dc8 | Triage

Sharing

General

Target

f3a6663b8cb810e905ff5c7bed9ef67e_JaffaCakes118
Size

476KB
Sample

241215-mwywzstmbj
MD5

f3a6663b8cb810e905ff5c7bed9ef67e
SHA1

8e832fbcd04fad6c103bc8753ad87863454830ac
SHA256

58fa7103a6da18ad8039c901c10af971627efdfb77a27f55a950aa37f4d04dc8
SHA512

986064204320e6b1100e9c83e4691ee1d3aad06cdda575a723e6f49de9ed0ea0c5862b0d87e665167f9e74896dd0cdeaa12de6e1bb6753e68c56387154f98095
SSDEEP

6144:jFeLlS5FZCAv2wFR24biJjWti/9q7R/ck6pSDy4N5q39dVdnNn1u9/TPr5P6uzPh:JD6AvTFgJVWt49y5YeE8RhpQetCO

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  f3a6663b8cb810e905ff5c7bed9ef67e_JaffaCakes118
- Size
  
  476KB
- MD5
  
  f3a6663b8cb810e905ff5c7bed9ef67e
- SHA1
  
  8e832fbcd04fad6c103bc8753ad87863454830ac
- SHA256
  
  58fa7103a6da18ad8039c901c10af971627efdfb77a27f55a950aa37f4d04dc8
- SHA512
  
  986064204320e6b1100e9c83e4691ee1d3aad06cdda575a723e6f49de9ed0ea0c5862b0d87e665167f9e74896dd0cdeaa12de6e1bb6753e68c56387154f98095
- SSDEEP
  
  6144:jFeLlS5FZCAv2wFR24biJjWti/9q7R/ck6pSDy4N5q39dVdnNn1u9/TPr5P6uzPh:JD6AvTFgJVWt49y5YeE8RhpQetCO
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan