Overview

overview

10

Static

static

3

JaffaCakes...bb.exe

windows7-x64

10

JaffaCakes...bb.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_9e6b9df38793b1375b2bfa2c23e4ad7ae49160244807727fa9c625fc9eabc4bb

  • Size

    14KB

  • Sample

    241222-c79shszrgm

  • MD5

    a04e42379d11229504923e4acd93262e

  • SHA1

    fcb1722c3892504c5658e02c0245cda3133d4327

  • SHA256

    9e6b9df38793b1375b2bfa2c23e4ad7ae49160244807727fa9c625fc9eabc4bb

  • SHA512

    81ffb3a05e5be3db5dfe4e16a390f57324ade0fe949c1a136978da220f49efbd69153f9a7cabb3566ecdb6dd4e08c960929417c3385498de7e9b6ed2ab8f0113

  • SSDEEP

    192:ASH+DgGK83SxHn2OQ/dmBI4KBfTgir+xz12PuvvebqUqV/Qjo7AGa:A++kGKqbOCdWIVBff+xz4Puvv6fCXAn

Score
10/10
metasploitbackdoordiscoverytrojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://70.32.91.85:5030/Brr6

Attributes
  • headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; XBLWP7; ZuneWP7)

Targets

    • Target

      JaffaCakes118_9e6b9df38793b1375b2bfa2c23e4ad7ae49160244807727fa9c625fc9eabc4bb

    • Size

      14KB

    • MD5

      a04e42379d11229504923e4acd93262e

    • SHA1

      fcb1722c3892504c5658e02c0245cda3133d4327

    • SHA256

      9e6b9df38793b1375b2bfa2c23e4ad7ae49160244807727fa9c625fc9eabc4bb

    • SHA512

      81ffb3a05e5be3db5dfe4e16a390f57324ade0fe949c1a136978da220f49efbd69153f9a7cabb3566ecdb6dd4e08c960929417c3385498de7e9b6ed2ab8f0113

    • SSDEEP

      192:ASH+DgGK83SxHn2OQ/dmBI4KBfTgir+xz12PuvvebqUqV/Qjo7AGa:A++kGKqbOCdWIVBff+xz4Puvv6fCXAn

    Score
    10/10
    metasploitbackdoordiscoverytrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • Metasploit family

      metasploit
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks