General

  • Target

    da977ca12c4990e59598897e40e4e8d7.exe

  • Size

    14KB

  • Sample

    201105-dvadphx9pn

  • MD5

    da977ca12c4990e59598897e40e4e8d7

  • SHA1

    50ffd5e0e0ac0876f61885f610d5d4f50465cf84

  • SHA256

    8f3eb6ca303de759c0530906ad4675432d7d3361641b46413e12f325b4028081

  • SHA512

    c7af00076e2cc905a57d16fe1891b16a98ff6a0695612a50a781114e0dc86926a1aa36cdaa9355a46aff258c2f922ecbcb8cda727206bf1145a7b68e601cc079

Malware Config

Extracted

  • Family

    metasploit

  • Version

    windows/download_exec

  • C2

    http://31.44.184.131:80/sPIP

  • Attributes

    headers User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727)

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
