metasploit

General

Target

JaffaCakes118_c772cf1719bbe423d70ab3191b562fef
Size

72KB
Sample

250119-pdr2tswqgz
MD5

c772cf1719bbe423d70ab3191b562fef
SHA1

1466b5cbfcdd1860fbc112cf60368e0a017669b8
SHA256

7ce06db548ef865fa5e8cea097c27e50a232a494a845cd1306ed10c09403c6a5
SHA512

fbe932ff0c66651b858d5bd60d791605b2d2cf4d45bcf5ea9edffd021d021bc00d524baf48c5043311f1fc8c36d475ab70876ce66e2c94e7e64619e5ee45502b
SSDEEP

1536:I7p2a/w8hrP8EjlCCSN6TAzPUDw+rhCA6kNCmMb+KR0Nc8QsJq39:Sp2arPjCCfTAEw+rhCArNCme0Nc8QsC9

Score

10^/10

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.200.3:4455

Targets

- Target
  
  JaffaCakes118_c772cf1719bbe423d70ab3191b562fef
- Size
  
  72KB
- MD5
  
  c772cf1719bbe423d70ab3191b562fef
- SHA1
  
  1466b5cbfcdd1860fbc112cf60368e0a017669b8
- SHA256
  
  7ce06db548ef865fa5e8cea097c27e50a232a494a845cd1306ed10c09403c6a5
- SHA512
  
  fbe932ff0c66651b858d5bd60d791605b2d2cf4d45bcf5ea9edffd021d021bc00d524baf48c5043311f1fc8c36d475ab70876ce66e2c94e7e64619e5ee45502b
- SSDEEP
  
  1536:I7p2a/w8hrP8EjlCCSN6TAzPUDw+rhCA6kNCmMb+KR0Nc8QsJq39:Sp2arPjCCfTAEw+rhCArNCme0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Extracted

Extracted

Targets

Metasploit family

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2