metasploit

General

Target

JaffaCakes118_0231c552de04a30b1c9cb0ff974de9b9
Size

39KB
Sample

250121-frcpmaxpdk
MD5

0231c552de04a30b1c9cb0ff974de9b9
SHA1

df0f3b64f630bad3038a6cea2caf975c9cb5bc05
SHA256

bd243f4ad846d2f5c47bf4f5afa06a17c5f1701fc26ebeb11918e3f6f14fb59a
SHA512

b798dce8cd47e8e66fca6827eb3fed20fbfa12d0f11d4452aec75a269838768048c264ce905355af1f9a3cc45864855ccfecc521724b5b3da979b715459dc8fa
SSDEEP

768:/V5EnP/lEn2mpqFj0mYH5/yTut9/lKlGKaui+n6taC2TX8Kjvp4wwik:/VaHlEn5p2jIZl9/lKlGuioDpphwik

Score

10^/10

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

- Target
  
  JaffaCakes118_0231c552de04a30b1c9cb0ff974de9b9
- Size
  
  39KB
- MD5
  
  0231c552de04a30b1c9cb0ff974de9b9
- SHA1
  
  df0f3b64f630bad3038a6cea2caf975c9cb5bc05
- SHA256
  
  bd243f4ad846d2f5c47bf4f5afa06a17c5f1701fc26ebeb11918e3f6f14fb59a
- SHA512
  
  b798dce8cd47e8e66fca6827eb3fed20fbfa12d0f11d4452aec75a269838768048c264ce905355af1f9a3cc45864855ccfecc521724b5b3da979b715459dc8fa
- SSDEEP
  
  768:/V5EnP/lEn2mpqFj0mYH5/yTut9/lKlGKaui+n6taC2TX8Kjvp4wwik:/VaHlEn5p2jIZl9/lKlGuioDpphwik
Score

10^/10

metasploit backdoor discovery trojan upx
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Drops file in Drivers directory
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

Metasploit family

Drops file in Drivers directory

Executes dropped EXE

Loads dropped DLL

Drops file in System32 directory

UPX packed file

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2