Overview

overview

10

Static

static

3

a9eba0329e...69.exe

windows7-x64

10

a9eba0329e...69.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_f372a06adbd98cf4d91f4b95b6d0aa57fea4116e2580453aa3c56c14fd2cf939

  • Size

    339KB

  • Sample

    241222-zl9a7ayqbl

  • MD5

    06135773334e2223283b3af90484d41a

  • SHA1

    f708a2fd434734e80bac1c523ef842eb3be73e66

  • SHA256

    f372a06adbd98cf4d91f4b95b6d0aa57fea4116e2580453aa3c56c14fd2cf939

  • SHA512

    e5c55abd8e63a8933ea55dc9e9765f38065f6b08a8853a2bb21b0b9273c0675f86a80d9d94135a5cd74ae47ccd714f14746add015615f212df34460b9b646e7e

  • SSDEEP

    6144:Ldv4IKDF9Y2Mww1BT0Y8YehuVYH7+xj7v+lwrQiaP/RsZab4lqifp++N:LdgLvY2nwfE3h5H7oj7DrQxat4ifp7

Score
10/10
metasploitbackdoordiscoverytrojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://185.150.119.157:80/static-directory/kj.png

Attributes
  • headers Host: citrixseruritys.com Connection: close User-Agent: Mozilla/5.0 (Linux; Android 6.0; HTC One X10 Build/MRA58K; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0

Targets

    • Target

      a9eba0329eea37792ff440b3bcc85f5998caad3f046882a169e0d44c0e9c9369

    • Size

      633KB

    • MD5

      c23e8aacaeb1d23041a7f1d0b70ac9ee

    • SHA1

      b6a46cc2b0523238b120b14b52f5f4902e088667

    • SHA256

      a9eba0329eea37792ff440b3bcc85f5998caad3f046882a169e0d44c0e9c9369

    • SHA512

      3883e1200e6665442e21fc0159389789677629a304b056226e15e331cc00e386b407b8f904af6ef0b544acf8099fd769ee82da5db7581f51af544dd6f8412061

    • SSDEEP

      12288:wAlyjgqIzl1ipuCRU/5g4ETE90xAeN1CmeEqR:wAlyMVujU/5uTK0GpRh

    Score
    10/10
    metasploitbackdoordiscoverytrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • Metasploit family

      metasploit
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks