metasploit | 88f67dedbc999e6529cd3c06fc76af98c32f07d2ece001822ea8005166ae88c7 | Triage

Sharing

General

Target

JaffaCakes118_88f67dedbc999e6529cd3c06fc76af98c32f07d2ece001822ea8005166ae88c7
Size

4KB
Sample

241224-at2tmswnfw
MD5

13315f87d5dcb990c712232dc793e216
SHA1

8badc05537e725b5565dceb04465a456a7d9f2e7
SHA256

88f67dedbc999e6529cd3c06fc76af98c32f07d2ece001822ea8005166ae88c7
SHA512

24b63a5cad7bdc0932e501bb99e6eaa38e813f8e78279736bb32ce88de03ded877a11146a19cb3daf44de4806a63eada0754af93b82f2300c45e98cc159d1bcb
SSDEEP

96:5XdJGjXE/WsAJf5WA9WAt9EDMKQ7Dti01onLa4qQZ:Fdk6KjWiztc/QH/KnLPqQZ

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.119.163:443

Targets

- Target
  
  JaffaCakes118_88f67dedbc999e6529cd3c06fc76af98c32f07d2ece001822ea8005166ae88c7
- Size
  
  4KB
- MD5
  
  13315f87d5dcb990c712232dc793e216
- SHA1
  
  8badc05537e725b5565dceb04465a456a7d9f2e7
- SHA256
  
  88f67dedbc999e6529cd3c06fc76af98c32f07d2ece001822ea8005166ae88c7
- SHA512
  
  24b63a5cad7bdc0932e501bb99e6eaa38e813f8e78279736bb32ce88de03ded877a11146a19cb3daf44de4806a63eada0754af93b82f2300c45e98cc159d1bcb
- SSDEEP
  
  96:5XdJGjXE/WsAJf5WA9WAt9EDMKQ7Dti01onLa4qQZ:Fdk6KjWiztc/QH/KnLPqQZ
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan