metasploit | 5b958499b0f7e27eda1e628f1122be0ea4ac505faa931e26f4ff39f6ce1c648e | Triage

Sharing

General

Target

5b958499b0f7e27eda1e628f1122be0ea4ac505faa931e26f4ff39f6ce1c648e
Size

275KB
Sample

201114-p8d59fq5ax
MD5

24db12df9a2c5e70aa0f83eaaa2ef3ee
SHA1

224c8c0c0519c9891224fa28d990cd63c8e6e457
SHA256

5b958499b0f7e27eda1e628f1122be0ea4ac505faa931e26f4ff39f6ce1c648e
SHA512

673fbb054f353286118ebee7776237a4774647f75adbc3e91fb11d943249f16292603ee27fe084c7789475d0b1ebf4c1ddb70e6ccdc1b5ac00cfa0e1cce17995

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://144.48.9.115:443/YCiX

Targets

- Target
  
  5b958499b0f7e27eda1e628f1122be0ea4ac505faa931e26f4ff39f6ce1c648e
- Size
  
  275KB
- MD5
  
  24db12df9a2c5e70aa0f83eaaa2ef3ee
- SHA1
  
  224c8c0c0519c9891224fa28d990cd63c8e6e457
- SHA256
  
  5b958499b0f7e27eda1e628f1122be0ea4ac505faa931e26f4ff39f6ce1c648e
- SHA512
  
  673fbb054f353286118ebee7776237a4774647f75adbc3e91fb11d943249f16292603ee27fe084c7789475d0b1ebf4c1ddb70e6ccdc1b5ac00cfa0e1cce17995
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Suspicious use of NtCreateUserProcessOtherParentProcess
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan