Overview

overview

10

Static

static

15312b3333...69.dll

windows7_x64

10

15312b3333...69.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    15312b3333a914abb12de918263de269

  • Size

    112KB

  • Sample

    201117-njah1ctdm6

  • MD5

    82f42d4acae7276fa3524fe356c8eef6

  • SHA1

    b103e3a08a75d38c340a6a845e4e6ffc07044c0b

  • SHA256

    70e6d14972465b38e64bad9444c7a0f39264a2ff3490bf097857c6016df3c59d

  • SHA512

    d1c73130117ac37867e7f74a7749968ae2e95e940124c4999d083990703ecffcd5f2e522c8b87c13b2178146478cb6b5907d3681354f5a542c57c0f757e9d5e6

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://23.227.194.115:80/ihT7

Attributes
  • headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0; BO1IE8_v1;ENUS)

Targets

    • Target

      15312b3333a914abb12de918263de269

    • Size

      112KB

    • MD5

      82f42d4acae7276fa3524fe356c8eef6

    • SHA1

      b103e3a08a75d38c340a6a845e4e6ffc07044c0b

    • SHA256

      70e6d14972465b38e64bad9444c7a0f39264a2ff3490bf097857c6016df3c59d

    • SHA512

      d1c73130117ac37867e7f74a7749968ae2e95e940124c4999d083990703ecffcd5f2e522c8b87c13b2178146478cb6b5907d3681354f5a542c57c0f757e9d5e6

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks