metasploit | a9c8f4966080dbf39a92c66c18486e0fe797a1b4e577309fbf9519f5ba773ba4 | Triage

Sharing

General

Target

JaffaCakes118_60ba6b3ea34c5650d27cc10bf5fca120
Size

299KB
Sample

250101-z8a2xaxlgk
MD5

60ba6b3ea34c5650d27cc10bf5fca120
SHA1

9305916f5784b3af4dad04d993ee7143c08272b3
SHA256

a9c8f4966080dbf39a92c66c18486e0fe797a1b4e577309fbf9519f5ba773ba4
SHA512

a6cdc41d00aa20233605477edc4ec5bff8ff8e6e63d3a9500ae4348c61130ae83e039dc601c04af38d499ca79b50392b0d7c7b4f8f204a4d32c4e689f35e8f77
SSDEEP

3072:g/Fkbff/FoeMrx9O1vfjQdLCQMcP7FRCMkLjyGez1c:g9kbtoLtM1nM9xf/CMkLmt+

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.6.100:41234

Targets

- Target
  
  JaffaCakes118_60ba6b3ea34c5650d27cc10bf5fca120
- Size
  
  299KB
- MD5
  
  60ba6b3ea34c5650d27cc10bf5fca120
- SHA1
  
  9305916f5784b3af4dad04d993ee7143c08272b3
- SHA256
  
  a9c8f4966080dbf39a92c66c18486e0fe797a1b4e577309fbf9519f5ba773ba4
- SHA512
  
  a6cdc41d00aa20233605477edc4ec5bff8ff8e6e63d3a9500ae4348c61130ae83e039dc601c04af38d499ca79b50392b0d7c7b4f8f204a4d32c4e689f35e8f77
- SSDEEP
  
  3072:g/Fkbff/FoeMrx9O1vfjQdLCQMcP7FRCMkLjyGez1c:g9kbtoLtM1nM9xf/CMkLmt+
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan