metasploit | 09c5a8b1a4c0beca3a9deb25811f81d10d9085bd982dbe6122f42cb3c190425a | Triage

Sharing

General

Target

fdb4ee13ecc12b1a0cae783d418a2cf6_JaffaCakes118
Size

76KB
Sample

241219-arm8gaylhw
MD5

fdb4ee13ecc12b1a0cae783d418a2cf6
SHA1

4f03aa9bb5d22c1a918270b3b49c6c241c51879e
SHA256

09c5a8b1a4c0beca3a9deb25811f81d10d9085bd982dbe6122f42cb3c190425a
SHA512

72dce1bb60cf62e90fc310bff324e3f71497903d0d7fd52fe77225c3d3e5e5fbc2ba5c6bd07ce1cb492ece234c8b173de4570a8439e9e8a0632c0fd3e3dbd862
SSDEEP

1536:6c9y//CcHadUO8RI4IrCs2C7Oxy5roZqjlyjh9Y:6cyv08RI4IrccS4oQRyN9Y

Score

10^/10

metasploit discovery

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  fdb4ee13ecc12b1a0cae783d418a2cf6_JaffaCakes118
- Size
  
  76KB
- MD5
  
  fdb4ee13ecc12b1a0cae783d418a2cf6
- SHA1
  
  4f03aa9bb5d22c1a918270b3b49c6c241c51879e
- SHA256
  
  09c5a8b1a4c0beca3a9deb25811f81d10d9085bd982dbe6122f42cb3c190425a
- SHA512
  
  72dce1bb60cf62e90fc310bff324e3f71497903d0d7fd52fe77225c3d3e5e5fbc2ba5c6bd07ce1cb492ece234c8b173de4570a8439e9e8a0632c0fd3e3dbd862
- SSDEEP
  
  1536:6c9y//CcHadUO8RI4IrCs2C7Oxy5roZqjlyjh9Y:6cyv08RI4IrccS4oQRyN9Y
Score

8^/10

discovery
- Drops file in Drivers directory
- Network Share Discovery
  Attempt to gather information on host network.
  discovery
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Share Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2