metasploit | 9b5063189c2dd0550c422662883b23b243a72d97a8d55e80236328aed1625a3c | Triage

Submit
Reports

Overview

overview

Static

static

8

9b5063189c...3c.exe

windows7_x64

9b5063189c...3c.exe

windows10_x64

Sharing

General

Target

9b5063189c2dd0550c422662883b23b243a72d97a8d55e80236328aed1625a3c
Size

3.3MB
Sample

201111-2hmc7tzdkn
MD5

8c0c79a1d225b583724e6d6cb97d2640
SHA1

d86f98b0f4c965a2f5e41ebdeb54388890967450
SHA256

9b5063189c2dd0550c422662883b23b243a72d97a8d55e80236328aed1625a3c
SHA512

6029b4df1048897d941682bc1379d27017f5d0cc2b6724ee5a46c5b54f2f41cb8c2d10e7beca56ec214c77a51a2364dbf5341ef4279af707767659a95671ce18

Score

10^/10

metasploit backdoor trojan vmprotect

Static task

static1

Behavioral task

behavioral1

Sample

9b5063189c2dd0550c422662883b23b243a72d97a8d55e80236328aed1625a3c.exe

Resource

win7v20201028

metasploit backdoor trojan vmprotect

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

9b5063189c2dd0550c422662883b23b243a72d97a8d55e80236328aed1625a3c.exe

Resource

win10v20201028

metasploit backdoor trojan vmprotect

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://47.91.237.42:8443/blIF

Targets

- Target
  
  9b5063189c2dd0550c422662883b23b243a72d97a8d55e80236328aed1625a3c
- Size
  
  3.3MB
- MD5
  
  8c0c79a1d225b583724e6d6cb97d2640
- SHA1
  
  d86f98b0f4c965a2f5e41ebdeb54388890967450
- SHA256
  
  9b5063189c2dd0550c422662883b23b243a72d97a8d55e80236328aed1625a3c
- SHA512
  
  6029b4df1048897d941682bc1379d27017f5d0cc2b6724ee5a46c5b54f2f41cb8c2d10e7beca56ec214c77a51a2364dbf5341ef4279af707767659a95671ce18
Score

10^/10

metasploit backdoor trojan vmprotect
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- VMProtect packed file
  Detects executables packed with VMProtect commercial packer.
  vmprotect
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojanvmprotect

behavioral2

metasploitbackdoortrojanvmprotect

© 2018-2024

Terms | Privacy