General

  • Target

    JaffaCakes118_feac72c5c4a55ae02c6e324a7f0a0dd0e2b37eba7e443db424f4fef1d46ae909

  • Size

    18KB

  • Sample

    241225-vhf31syrbv

  • MD5

    e77ebaff9141cc9afee09d9a1e58a461

  • SHA1

    1633fcca31b003d68979652eb9e0bc417c871b20

  • SHA256

    feac72c5c4a55ae02c6e324a7f0a0dd0e2b37eba7e443db424f4fef1d46ae909

  • SHA512

    0f2f9f400c250fa3779a73a16d5359631f49d96f0196324aae32971934aca5db80a314742a86d0b1df3839ec9c861c5d0ec51d9946483e4aec4a80c7719e3657

  • SSDEEP

    384:tjofxyT4QyBfsr1ktrcX2RRzI1ttPMjIiRmNxy0fAS:tjoJy8BCrScGRwY2xy0b

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_http

C2

http://192.168.100.9:4444/HaPVU2Oce2NnNWY0Bsl8hgSppkegrKfMVtfpc-kESkORaFyzRtFl

Targets

    • Target

      6fa2bb98b984211dca440babbf79b9f48ab4f0f157818f832f94de22ffaea448

    • Size

      47KB

    • MD5

      2557f24d18916cfda4e312639f2692f5

    • SHA1

      5c3f30e67cf6ef829880b733bfd90afa15cb8822

    • SHA256

      6fa2bb98b984211dca440babbf79b9f48ab4f0f157818f832f94de22ffaea448

    • SHA512

      5ebaea26e6c38de027d2b24717b781f40c84966b75ea3585d98e637ae7e345d3701fa3e9e56301aefe311c1b8c8838b5196c7b02f94c05354f97db80a7cff94e

    • SSDEEP

      768:c8aNNTD9AokZjyXuH3I/N69+plHFIFaL:c8yD9And9+phFIFaL

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Metasploit family

MITRE ATT&CK Enterprise v15