metasploit | 01e57a021b2f23ea4ae50b26c4ea078316edc587a6fc6ec8ac5d1132c6fc814b | Triage

Sharing

General

Target

JaffaCakes118_01e57a021b2f23ea4ae50b26c4ea078316edc587a6fc6ec8ac5d1132c6fc814b
Size

138KB
Sample

241222-b8e4vsymcn
MD5

4ec2f8c86c63c8a6615b58f0d300b6bf
SHA1

79d6a860dfffe041cb3e0f9763a7dda00d075390
SHA256

01e57a021b2f23ea4ae50b26c4ea078316edc587a6fc6ec8ac5d1132c6fc814b
SHA512

f14267898b40568473db067a0fd123ac54671c1dc8ca2e201b4b1d8be73f7eed371659df485b73bd8f3e08246d0f383a77335c501e5cc930c5b7984d1055960f
SSDEEP

3072:tPH3bZjz9pVpb41MS7Ja3N1UG7pHF+rX3KKcCdhv0e9Q9ywPdNK:7vmMqJacGNHF+rX3xJFx9Q9ywPdNK

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://69.30.232.138:80/iBNc

Attributes

headers User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0)

Targets

- Target
  
  69138.bin
- Size
  
  267KB
- MD5
  
  a4358c243781cfebde38208a7de89ef9
- SHA1
  
  100381f2cb15dcb02dc0af599c8cbc86f9ae8a43
- SHA256
  
  6aa7014299e01ce49789a7525d0eb3d4d685c220cae8ed4a6fa135c10d327762
- SHA512
  
  94df8e1147cb2103d0b278c1428252e216d714184be4f8661927cdb34646e71162b963c93e4bcb3454452641d9b3f4b53c627b29417a28cb4867c6ed38e9203f
- SSDEEP
  
  6144:Ir89Fsud7SU3D0/HJ2s/drxhKuEKEueAOVMcgY5:IYTsud733wvJ2s/dIKa3LgY5
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan