General

  • Target

    JaffaCakes118_6b9aba588d488dbd34abbdb0f69583d4acd830fc670448521281b9aeaf8ce741

  • Size

    1KB

  • Sample

    241225-pnzvessrbp

  • MD5

    0d3ff60f289ed1d6b8db09b070043b16

  • SHA1

    69ed01444b49edc294c56835d9f4d39d4a8c927f

  • SHA256

    6b9aba588d488dbd34abbdb0f69583d4acd830fc670448521281b9aeaf8ce741

  • SHA512

    b2f627b1448be3ede91b030b027d1d83210d6c0c94e4b6ef75804554e774980478305d334f5345e3482a264a14075e855860f312f398fd131c0c1430ea1ef393

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

0.0.0.0:4566

Targets

    • Target

      fifthmetasploit

    • Size

      2KB

    • MD5

      0d3308ef14e5d65975a65d49eddd96b3

    • SHA1

      ab7e9ac3468204b82551f0bfbaadefae89dc9f22

    • SHA256

      ce3901206449d21d8f931a7427629a764d6ccbfd789d4ddcd2c8cee99222abda

    • SHA512

      a5105f4ec3dae26fa65a17963af275afb8ffdca2dc574260b0ef9451ec0d4a9e4925ed2dedcf19cacc2f418f09f65682da088333f35aeed758f2d1b69d66db28

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Metasploit family
