metasploit | 7af5955a5c2fcdd76911beaaf19c68ed0c2b71f286a78ac0099d27096473f490 | Triage

Submit
Reports

Overview

overview

Static

static

3

198094d9d2...18.exe

windows7-x64

198094d9d2...18.exe

windows10-2004-x64

3

Sharing

General

Target

198094d9d2e8f43f848cbec4783e13bb_JaffaCakes118
Size

471KB
Sample

240628-kpvvmszhrg
MD5

198094d9d2e8f43f848cbec4783e13bb
SHA1

1b6f22369a00d98aee8f171cc91fb97494ed7c9a
SHA256

7af5955a5c2fcdd76911beaaf19c68ed0c2b71f286a78ac0099d27096473f490
SHA512

280fb670d96ac313b41b3dbf8bd38e6cb254bf838b6de58348c37c35c74858585de6c5d58bfbc0ca8ab8d27cb35fe4a4c3c732126a122183d8c49e3812693c30
SSDEEP

12288:BRV4IM46MzJf5ytc27q4iuAtUVO8us2q0/Bbbg4u3:WcBNGUuAtyO8ul5/hb5u3

Score

10^/10

metasploit backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

198094d9d2e8f43f848cbec4783e13bb_JaffaCakes118.exe

Resource

win7-20240508-en

metasploit backdoor trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

198094d9d2e8f43f848cbec4783e13bb_JaffaCakes118.exe

Resource

win10v2004-20240611-en

windows10-2004-x64

1 signatures

150 seconds

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  198094d9d2e8f43f848cbec4783e13bb_JaffaCakes118
- Size
  
  471KB
- MD5
  
  198094d9d2e8f43f848cbec4783e13bb
- SHA1
  
  1b6f22369a00d98aee8f171cc91fb97494ed7c9a
- SHA256
  
  7af5955a5c2fcdd76911beaaf19c68ed0c2b71f286a78ac0099d27096473f490
- SHA512
  
  280fb670d96ac313b41b3dbf8bd38e6cb254bf838b6de58348c37c35c74858585de6c5d58bfbc0ca8ab8d27cb35fe4a4c3c732126a122183d8c49e3812693c30
- SSDEEP
  
  12288:BRV4IM46MzJf5ytc27q4iuAtUVO8us2q0/Bbbg4u3:WcBNGUuAtyO8ul5/hb5u3
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

© 2018-2024

Terms | Privacy