metasploit | 53b3aca10dfc6f7bf1c0349f0b98babf5d0d1a584ac6b10369e2b7ac054a99dd | Triage

Submit
Reports

Overview

overview

Static

static

3

1385219d63...18.exe

windows7-x64

1385219d63...18.exe

windows10-2004-x64

7

Sharing

General

Target

1385219d6368deca2b4c8ffd47c7b612_JaffaCakes118
Size

836KB
Sample

240626-1axzfsvdkf
MD5

1385219d6368deca2b4c8ffd47c7b612
SHA1

073faff2cc9d76b85c1339d9a308977b1d3bacf5
SHA256

53b3aca10dfc6f7bf1c0349f0b98babf5d0d1a584ac6b10369e2b7ac054a99dd
SHA512

e31cff07e9dfc3b7ee7a1b38066408826da17ffde23e363667f4de61bbcd99c000a346df7ae7bd3c4f19eddcc2fc029553f60f4858d2236afb7759729656a375
SSDEEP

24576:GSs2UOty0TrfVSDBeJjmHSMSICMWDbUdn:bTOexSYD0

Score

10^/10

metasploit backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

1385219d6368deca2b4c8ffd47c7b612_JaffaCakes118.exe

Resource

win7-20240221-en

metasploit backdoor trojan

windows7-x64

8 signatures

150 seconds

Behavioral task

behavioral2

Sample

1385219d6368deca2b4c8ffd47c7b612_JaffaCakes118.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  1385219d6368deca2b4c8ffd47c7b612_JaffaCakes118
- Size
  
  836KB
- MD5
  
  1385219d6368deca2b4c8ffd47c7b612
- SHA1
  
  073faff2cc9d76b85c1339d9a308977b1d3bacf5
- SHA256
  
  53b3aca10dfc6f7bf1c0349f0b98babf5d0d1a584ac6b10369e2b7ac054a99dd
- SHA512
  
  e31cff07e9dfc3b7ee7a1b38066408826da17ffde23e363667f4de61bbcd99c000a346df7ae7bd3c4f19eddcc2fc029553f60f4858d2236afb7759729656a375
- SSDEEP
  
  24576:GSs2UOty0TrfVSDBeJjmHSMSICMWDbUdn:bTOexSYD0
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

© 2018-2024

Terms | Privacy