metasploit | 06b0feb0a8f8a27ba7f110230ad0e861fdb16c68a61d12b87c26e564d96575df | Triage

Sharing

General

Target

f66ac139d6c4ac033874fb1ff40fadc9_JaffaCakes118
Size

239KB
Sample

241216-apsp6stret
MD5

f66ac139d6c4ac033874fb1ff40fadc9
SHA1

78c74ad5dfff6929baa14db119b63e330f56db6f
SHA256

06b0feb0a8f8a27ba7f110230ad0e861fdb16c68a61d12b87c26e564d96575df
SHA512

db227edc213d1bd9b4c967f0550e2f9e13741a6988bf561717f4fcac735ba1edc43846f1300c0d1c61632c9933455efd9ea3437a365d7a3f0c6d2229b6b4b48d
SSDEEP

6144:pmobSO3LLHeqFRa5UbTyLwKTgtAivpmU0h0oZTZTZTZ:pmoOO3LDBI5UbTewJbvpx0h0o999

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  f66ac139d6c4ac033874fb1ff40fadc9_JaffaCakes118
- Size
  
  239KB
- MD5
  
  f66ac139d6c4ac033874fb1ff40fadc9
- SHA1
  
  78c74ad5dfff6929baa14db119b63e330f56db6f
- SHA256
  
  06b0feb0a8f8a27ba7f110230ad0e861fdb16c68a61d12b87c26e564d96575df
- SHA512
  
  db227edc213d1bd9b4c967f0550e2f9e13741a6988bf561717f4fcac735ba1edc43846f1300c0d1c61632c9933455efd9ea3437a365d7a3f0c6d2229b6b4b48d
- SSDEEP
  
  6144:pmobSO3LLHeqFRa5UbTyLwKTgtAivpmU0h0oZTZTZTZ:pmoOO3LDBI5UbTewJbvpx0h0o999
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan