metasploit | af9ff3ca2aaf7ee7638ac86f952da88ee77f8829f94b67d5264a69c1e6f7a2d6 | Triage

Sharing

General

Target

fc06f49515d0949efbbed4ba896059ca_JaffaCakes118
Size

90KB
Sample

241218-sggbaatqer
MD5

fc06f49515d0949efbbed4ba896059ca
SHA1

05d8dc94634a0cffebaea1e3e5b09f9d19b09616
SHA256

af9ff3ca2aaf7ee7638ac86f952da88ee77f8829f94b67d5264a69c1e6f7a2d6
SHA512

035f9018a6bcd461c78155eb2fda820a6b68526dd4318980c75bfbf4f04fcc64a5cfa931868ed108fb242267f0476528f92fe8d17efad600916209d4aab8cbda
SSDEEP

1536:422T8DV4AJxJm8D9NtxO2yLQkgeHwnGJyYtD6vqr9PxDtr:NqAXI2ykkLOGJyYx6u9ZDt

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  fc06f49515d0949efbbed4ba896059ca_JaffaCakes118
- Size
  
  90KB
- MD5
  
  fc06f49515d0949efbbed4ba896059ca
- SHA1
  
  05d8dc94634a0cffebaea1e3e5b09f9d19b09616
- SHA256
  
  af9ff3ca2aaf7ee7638ac86f952da88ee77f8829f94b67d5264a69c1e6f7a2d6
- SHA512
  
  035f9018a6bcd461c78155eb2fda820a6b68526dd4318980c75bfbf4f04fcc64a5cfa931868ed108fb242267f0476528f92fe8d17efad600916209d4aab8cbda
- SSDEEP
  
  1536:422T8DV4AJxJm8D9NtxO2yLQkgeHwnGJyYtD6vqr9PxDtr:NqAXI2ykkLOGJyYx6u9ZDt
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan