metasploit | 7e6494c66aec5df8b670912319e188d42cbba3ef3103fa6125898704930b5c0c | Triage

Sharing

General

Target

JaffaCakes118_7e6494c66aec5df8b670912319e188d42cbba3ef3103fa6125898704930b5c0c
Size

5KB
Sample

241223-3z4veawkgk
MD5

2e7010d0c46d59952e3282cea8b719fc
SHA1

6743bd305a5f43bc061286db1f9397b18e1917f6
SHA256

7e6494c66aec5df8b670912319e188d42cbba3ef3103fa6125898704930b5c0c
SHA512

76b2e42af687146cbb9c624323a82e41ca67a4a56cdd081cd0502968e7615ac64ebb6b0453011c4386601e876505082af0ac766440c8b9d4d4341c39bb333bdb
SSDEEP

24:ev1GSFGFajE/K3tQ3zSaJ2IkM6Pv617s3h/LjpKpuMA6CuvhIAND/sa:qFGFajFK3zSIe7h/TMpCuvxNrsa

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_bind_tcp

Targets

- Target
  
  JaffaCakes118_7e6494c66aec5df8b670912319e188d42cbba3ef3103fa6125898704930b5c0c
- Size
  
  5KB
- MD5
  
  2e7010d0c46d59952e3282cea8b719fc
- SHA1
  
  6743bd305a5f43bc061286db1f9397b18e1917f6
- SHA256
  
  7e6494c66aec5df8b670912319e188d42cbba3ef3103fa6125898704930b5c0c
- SHA512
  
  76b2e42af687146cbb9c624323a82e41ca67a4a56cdd081cd0502968e7615ac64ebb6b0453011c4386601e876505082af0ac766440c8b9d4d4341c39bb333bdb
- SSDEEP
  
  24:ev1GSFGFajE/K3tQ3zSaJ2IkM6Pv617s3h/LjpKpuMA6CuvhIAND/sa:qFGFajFK3zSIe7h/TMpCuvxNrsa
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan