metasploit | 0090bdb828e1190e41e1771cbdde8e308e5887428ac4f798fb3edeb47b9ab547 | Triage

Sharing

General

Target

JaffaCakes118_61d957b6a2c66f7029e9982969c30760
Size

30KB
Sample

250102-bxm1bswkfw
MD5

61d957b6a2c66f7029e9982969c30760
SHA1

40eef6d94b9905e90e55b90923a6ec296f6c6374
SHA256

0090bdb828e1190e41e1771cbdde8e308e5887428ac4f798fb3edeb47b9ab547
SHA512

e049d863eae3dde56112c46443c65852bd62e6bd76c788181821ffff06c7c3c0aa68468e8205052ac13253de4c7af00572f54a48184bdb23a5d3925d61d049e0
SSDEEP

768:AGFFYGmrsUU4k8jAEkn1ruOusKzhSqyxiYDnY:AwhLBrfHlTK97PYDY

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  JaffaCakes118_61d957b6a2c66f7029e9982969c30760
- Size
  
  30KB
- MD5
  
  61d957b6a2c66f7029e9982969c30760
- SHA1
  
  40eef6d94b9905e90e55b90923a6ec296f6c6374
- SHA256
  
  0090bdb828e1190e41e1771cbdde8e308e5887428ac4f798fb3edeb47b9ab547
- SHA512
  
  e049d863eae3dde56112c46443c65852bd62e6bd76c788181821ffff06c7c3c0aa68468e8205052ac13253de4c7af00572f54a48184bdb23a5d3925d61d049e0
- SSDEEP
  
  768:AGFFYGmrsUU4k8jAEkn1ruOusKzhSqyxiYDnY:AwhLBrfHlTK97PYDY
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Drops file in Drivers directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan