metasploit | 06d788d5cd467bf9dda4aaadb2afaf47a84f41098f197d6a3d9b8212bc771035 | Triage

Sharing

General

Target

JaffaCakes118_06d788d5cd467bf9dda4aaadb2afaf47a84f41098f197d6a3d9b8212bc771035
Size

359KB
Sample

241230-fnjzjaynhz
MD5

de052447950650d1e1d3519e5ad0fc06
SHA1

c88a9c5747b8470c3dc7530f7fbc24dd2d317b57
SHA256

06d788d5cd467bf9dda4aaadb2afaf47a84f41098f197d6a3d9b8212bc771035
SHA512

a179556210e79f85657eb53a78a8d3d31d1b4be5d3dd7a4847187be24b8e05fbce03f50ebd1c309db28406ae2476f3e3aba9ef55ad13e05de0fabf54b76acec5
SSDEEP

6144:yTqt9/bFHcc9YIlhJg3pTruLxK3IxtQS76G9XgdSd3em30DDgCd2wxwUO53:WqtdFJDgZTesIxtQrG9wMemEDDDhxwUe

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://212.114.52.203:80/wp-includes/get.gif

Attributes

headers Host: hypervupdater.com Connection: close Accept: image/* User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246

Targets

- Target
  
  2a5b9476f359f49c9acd6084d5cac7d7dc770958f294c9d13c9ee352b79897e2
- Size
  
  673KB
- MD5
  
  a58ffc1099e9de07f7a3efd76eaaf0c4
- SHA1
  
  c64e0f6d2f5364225d5c889da449390c96c47f28
- SHA256
  
  2a5b9476f359f49c9acd6084d5cac7d7dc770958f294c9d13c9ee352b79897e2
- SHA512
  
  84e807c2f18ade2e1ca840000d5a710f4698a659eba7875a82fa3bfef9256f5b2f16b304532af22fe584f678a39995a42ba2646fa4c5ce8272dd76ab9d6d86e9
- SSDEEP
  
  12288:+CjXGqMSrjyJMWwBE6KA2CpcmgolEVxm1fKQ4cp+amZSUL:H2XuFJ6jmdicWg
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan