General

  • Target: 1ceed5dcb2ea13f10a727326633a99f9_JaffaCakes118
  • Size: 380KB
  • Sample: 240701-3ht9mszgrj
  • MD5: 1ceed5dcb2ea13f10a727326633a99f9
  • SHA1: e23bb5b3d5235757fa56a6b3a43c5e358781653a
  • SHA256: da9a60d8fbe49d1ff0cb0d4bdb5b92317f16d5c7292ca3978bfbe2dc1163221d
  • SHA512: 1e52fc832946178eec00171e8a3e4c5bc9e892481b593bdc71a43410c95fbca4ea00026bdfc7b65d27aa0b626f3b2d704297a44eae6ae0e21e875cdb6926719e
  • SSDEEP: 6144:WRjfpbvNzGn6+MT1k6CW3e0dZfFgCZTdsmnElX9mzHsmaEJFLaXupTR5QWfdz:WRjfHza6+M5ko1dTdxGmnOX9uhL+KT4o

Malware Config

Extracted

  • Family: metasploit
  • Version: encoder/call4_dword_xor

Targets

    • Target: 1ceed5dcb2ea13f10a727326633a99f9_JaffaCakes118

    • MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Executes dropped EXE

    • Loads dropped DLL

    • Drops file in System32 directory
