General

  • Target

    JaffaCakes118_55dfe5f5712a110f87198548762ea9b251595f1002f22fe266f9ac4eb30d514b

  • Size

    1KB

  • Sample

    241221-xhzw8swngs

  • MD5

    1bd405d69da051119ce91c255cb4eca8

  • SHA1

    ad2ac8f56ffdcf033017843d269353019c0803eb

  • SHA256

    55dfe5f5712a110f87198548762ea9b251595f1002f22fe266f9ac4eb30d514b

  • SHA512

    9a1013ec5e9e1b186ff856d2dc6429ff5119b06f9ffc7fc09e15b97eab81ad82188ed9f0385c668097a10196d235fc2740bbb89a733ad834b993b5a56006143b

Malware Config

Extracted

  • Family

    metasploit

  • Version

    metasploit_stager

  • C2

    172.16.106.10:5360

Targets

    • Target

      thirdmetasploit

    • Size

      2KB

    • MD5

      a6b366d084a57555e0cc329ce2050d60

    • SHA1

      24a7150f60429fed6ddead9d1d8d4c544dce71f6

    • SHA256

      a84db110fec5042f5d99090e968557300568bc69e684109207916caf2e61f1bc

    • SHA512

      f0e82f263ac6a554f08ced8aa14d30fb07ce8d38ab24d1a13c7552528d5aff158f296351dca9884ffaaf6db7f5150dc43916c59786219ef4f834cd5f88e9e290

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Metasploit family
