metasploit | 3272632c3a970987267d5436c7ee044b0604c444ea81e48db9a015bbde1a34b4 | Triage

Sharing

General

Target

JaffaCakes118_4084ace2054821fb4f6d57c90898dc30
Size

72KB
Sample

250101-amlh3sxjgw
MD5

4084ace2054821fb4f6d57c90898dc30
SHA1

c588b6505d200a8663011560c683150528036f0a
SHA256

3272632c3a970987267d5436c7ee044b0604c444ea81e48db9a015bbde1a34b4
SHA512

df1cc8417f760f378ded778c32525715694656577f8437fc9c15a51379a542ca2632829833843bceae28df24c202802e2ec4783fd9c494bd8e96f7ef77374d22
SSDEEP

1536:ILBQi8XzG/9IqVMuvDw2TT9uD8Mb+KR0Nc8QsJq39:gBQieqOuMlAe0Nc8QsC9

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.0.60:4444

Targets

- Target
  
  JaffaCakes118_4084ace2054821fb4f6d57c90898dc30
- Size
  
  72KB
- MD5
  
  4084ace2054821fb4f6d57c90898dc30
- SHA1
  
  c588b6505d200a8663011560c683150528036f0a
- SHA256
  
  3272632c3a970987267d5436c7ee044b0604c444ea81e48db9a015bbde1a34b4
- SHA512
  
  df1cc8417f760f378ded778c32525715694656577f8437fc9c15a51379a542ca2632829833843bceae28df24c202802e2ec4783fd9c494bd8e96f7ef77374d22
- SSDEEP
  
  1536:ILBQi8XzG/9IqVMuvDw2TT9uD8Mb+KR0Nc8QsJq39:gBQieqOuMlAe0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan