metasploit | a8bd6800c8c3cfdb9bd9e6061a1cb8dec93ccb35ce4404a98c84ab12c360f651 | Triage

Sharing

General

Target

JaffaCakes118_a8bd6800c8c3cfdb9bd9e6061a1cb8dec93ccb35ce4404a98c84ab12c360f651
Size

350KB
Sample

241224-qwjc3sylgt
MD5

8474adcfaeefe9f428914e4685706673
SHA1

108faebbc332bf9fa3a4ea9f43f292c44e99be22
SHA256

a8bd6800c8c3cfdb9bd9e6061a1cb8dec93ccb35ce4404a98c84ab12c360f651
SHA512

b8ab2026d46efd07e3027bb4f7ae8e43638b829728afcdb732a052c580fdd3c8449463971a635bc0ccaba4403558590b6468caec9848e8360e3dcf47e285faf9
SSDEEP

6144:xMYAgjAbLOmnRDaCwgafS/KIVuDdZBkCLIJufQL/HLF9AeGibTwUtHO:xLAgjAbLTRSzWyzIsfQ/F9AeGigUlO

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

185.63.90.137:4445

Targets

- Target
  
  a3037c3389b811bc1404f719af5c8b9034c5e24710cf3a0b457d28bf1b922cf7
- Size
  
  1.5MB
- MD5
  
  c21e299905613e5cd5d79432934e47e3
- SHA1
  
  5093d0103341afa5a1a12d465dc6dac681027279
- SHA256
  
  a3037c3389b811bc1404f719af5c8b9034c5e24710cf3a0b457d28bf1b922cf7
- SHA512
  
  d2abf7f995628b42a030f76bd64002bd36534417c1d669232664331114afb32028427f7bdd2c2f508bd15ed25ff2b7e232a22b2d6e7b4c87e25a3e8836954ada
- SSDEEP
  
  24576:94nXubIQGyxbPV0db26RVSSR0o6y2oWSSR0o6y2B:9qe3f6bSSR0o6y2RSSR0o6y2
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan