metasploit | 9576d02a063672b2dda3060dc50cada3f1f8766b6986b8b47193e3df8b495c8e | Triage

Sharing

General

Target

JaffaCakes118_9576d02a063672b2dda3060dc50cada3f1f8766b6986b8b47193e3df8b495c8e
Size

932KB
Sample

241225-gvl8xazkf1
MD5

a0f48cf0432e7b21daafffb4f67f5dc4
SHA1

92535d5a12248d620730b64af81c7716e9fccc62
SHA256

9576d02a063672b2dda3060dc50cada3f1f8766b6986b8b47193e3df8b495c8e
SHA512

010b6e06de8aad716287b2ae2dc7426a4493e4a3c891c847d5bd94ccc77055a0aebed6e525696805c30e76bee88c0e39394c7feba2154e5514241771691ab10d
SSDEEP

24576:t/5xFNDwdEpg0Z6NWUzrjheEZjAowHKaEdx6KTmug:5zFND8r0oNWUzrjhmEdxJmh

Score

10^/10

metasploit backdoor discovery javascript pdf trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

5.6.7.8:443

Targets

- Target
  
  JaffaCakes118_9576d02a063672b2dda3060dc50cada3f1f8766b6986b8b47193e3df8b495c8e
- Size
  
  932KB
- MD5
  
  a0f48cf0432e7b21daafffb4f67f5dc4
- SHA1
  
  92535d5a12248d620730b64af81c7716e9fccc62
- SHA256
  
  9576d02a063672b2dda3060dc50cada3f1f8766b6986b8b47193e3df8b495c8e
- SHA512
  
  010b6e06de8aad716287b2ae2dc7426a4493e4a3c891c847d5bd94ccc77055a0aebed6e525696805c30e76bee88c0e39394c7feba2154e5514241771691ab10d
- SSDEEP
  
  24576:t/5xFNDwdEpg0Z6NWUzrjheEZjAowHKaEdx6KTmug:5zFND8r0oNWUzrjhmEdxJmh
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  cs_sb.pdf
- Size
  
  72KB
- MD5
  
  2a046253dbeefd2ec9ac226a31f9665f
- SHA1
  
  2b6c9d9a9d2b75772ce14f875791fb4fa9417429
- SHA256
  
  335563701953af482f55eb521dce276a2fb1f737a041261ca823ac62d75ac7c3
- SHA512
  
  ae7e0cab9aef11bb2c14aad3329210c005e7b78b9c69bfe2b232b16cc870a233c9b6731e142bf8412b40d1cc83aaf9cd306fc4709d53d1cfed7b32699460bbff
- SSDEEP
  
  1536:I02zlSvWmCbYnIEcSB5tDXMb+KR0Nc8QsJq39:W0vWmCUnIeDDe0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

pdfjavascriptmetasploit

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

behavioral3

metasploitbackdoordiscoverytrojan

behavioral4

metasploitbackdoordiscoverytrojan