metasploit | 196924fc9d85c5ec495a068ad6fb07de21f19fb815e25d2d8193b3693cf05ad6 | Triage

Sharing

General

Target

JaffaCakes118_196924fc9d85c5ec495a068ad6fb07de21f19fb815e25d2d8193b3693cf05ad6
Size

44KB
Sample

241229-f496natnfx
MD5

1d6ebee5f8d9e4f1905a60623d0246a5
SHA1

bcb9f7ccb292bb70408262a99a866f46edebc757
SHA256

196924fc9d85c5ec495a068ad6fb07de21f19fb815e25d2d8193b3693cf05ad6
SHA512

415a3c64f3e5e9efdb01f39e6458cf7bb77e58841cf1b273e077fe22f632bd1d17887e6292ee8bba11f4fc1bd94456b3a1a1700ae8214c14602d3ec5809fab18
SSDEEP

768:0ZuqS67XnKPVwFO5XYZQYz1r8iLt8c0ER5SapWSYdJG8WLhZO3AufZ:0ZPfCT5XYZQYxNOaMaLhZ4AkZ

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

157.230.244.240:443

Targets

- Target
  
  a2292fc063c133aec5f03219f7b15803b54c0020231fcb553e12b1be4920fc24
- Size
  
  72KB
- MD5
  
  2a8277becb414aecbadbe04f52486667
- SHA1
  
  8e42fef85b0a7df99c816256ef5d56dca93d2ca5
- SHA256
  
  a2292fc063c133aec5f03219f7b15803b54c0020231fcb553e12b1be4920fc24
- SHA512
  
  18808f1e597e4604682fbfb60c4b12d4a43317e731355c0c018dcd000d866374de643c669a98170ef1318ff47957a873981f8d8db3c3f025a7ff642a43ec08a2
- SSDEEP
  
  1536:IugSa2vYmGY3xFtNxERXqUMb+KR0Nc8QsJq39:lrPGYhv3E0Ue0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan