metasploit

General

Target

JaffaCakes118_45fc050d7caa47911d6b72aa4174ef70
Size

38KB
Sample

250101-ebgg7stlhv
MD5

45fc050d7caa47911d6b72aa4174ef70
SHA1

f373554e6ecbaa0a093655f6402a1b5148c5554c
SHA256

0c6318b148a0d275a7af4026269c2a0ede7c2950313af9a17f50ebd93d7dc436
SHA512

cce7a0442e6cf041605742c5be4a26cf5429200ec029e76fe1d8e678a4cec65c68b37583de5eb1cbd91bed843af4f365c930280dcdf6cc0e54d7fb748bec56fc
SSDEEP

384:GtkcqdgyrfrlDfmSlpHg4HNZ4jSLWzKDHqfJD7KeyApiAxXq+U+Ebi8wV8ggBP:Gti5TpDfrlpGjrzKrAyDADU/wVJoP

Score

10^/10

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.1.24:443

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  JaffaCakes118_45fc050d7caa47911d6b72aa4174ef70
- Size
  
  38KB
- MD5
  
  45fc050d7caa47911d6b72aa4174ef70
- SHA1
  
  f373554e6ecbaa0a093655f6402a1b5148c5554c
- SHA256
  
  0c6318b148a0d275a7af4026269c2a0ede7c2950313af9a17f50ebd93d7dc436
- SHA512
  
  cce7a0442e6cf041605742c5be4a26cf5429200ec029e76fe1d8e678a4cec65c68b37583de5eb1cbd91bed843af4f365c930280dcdf6cc0e54d7fb748bec56fc
- SSDEEP
  
  384:GtkcqdgyrfrlDfmSlpHg4HNZ4jSLWzKDHqfJD7KeyApiAxXq+U+Ebi8wV8ggBP:Gti5TpDfrlpGjrzKrAyDADU/wVJoP
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Extracted

Targets

Metasploit family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2