metasploit | 6998ce4064376fc9a181be3bbf9a64218970b5490a841ace3a20d4155ebd00eb | Triage

Sharing

General

Target

JaffaCakes118_9797da8dd1fa2dd749c9d7b43584bce5
Size

69KB
Sample

250329-y285patmw3
MD5

9797da8dd1fa2dd749c9d7b43584bce5
SHA1

7ce0dbc473be108544b22bb533ed74d1d5cda261
SHA256

6998ce4064376fc9a181be3bbf9a64218970b5490a841ace3a20d4155ebd00eb
SHA512

6f5c84a1066844569fe8b729bee1faf66afd60c65bf2982004174be7ae540efd6dc41bc3b74fe5c9f5c1c56300899e4837d2b6252528f2828f958393e8d0bd9d
SSDEEP

1536:K7twdJp1aAG3DtXE8btMnPOCUCIM+BLONosBdaOpQfKEGNYlHxGXXhAaCt:2wdJ3aTtX7SeCGOrQGNYZxG+aCt

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  JaffaCakes118_9797da8dd1fa2dd749c9d7b43584bce5
- Size
  
  69KB
- MD5
  
  9797da8dd1fa2dd749c9d7b43584bce5
- SHA1
  
  7ce0dbc473be108544b22bb533ed74d1d5cda261
- SHA256
  
  6998ce4064376fc9a181be3bbf9a64218970b5490a841ace3a20d4155ebd00eb
- SHA512
  
  6f5c84a1066844569fe8b729bee1faf66afd60c65bf2982004174be7ae540efd6dc41bc3b74fe5c9f5c1c56300899e4837d2b6252528f2828f958393e8d0bd9d
- SSDEEP
  
  1536:K7twdJp1aAG3DtXE8btMnPOCUCIM+BLONosBdaOpQfKEGNYlHxGXXhAaCt:2wdJ3aTtX7SeCGOrQGNYZxG+aCt
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan