Overview

overview

10

Static

static

SecuriteIn...09.exe

windows7_x64

1

SecuriteIn...09.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.BackDoor.Meterpreter.166.30487.16509

  • Size

    303KB

  • Sample

    201224-8n9mv167e2

  • MD5

    48073731d6bc08d6edba5cd9e157729a

  • SHA1

    1f45b9d7573d182449935c1d39bde1fb11c7e3bc

  • SHA256

    14bdf9b3bcb10c51b8dc10275ced93259dbf62ce31331ab3ccf6e5317d7a3cf5

  • SHA512

    abbc4b43d620d2c36754509f82fa20b907a1c8018eed48093c1c4897d01248f1f8d6b1e7578f686c5deb12c62d7b89839b9d34f8be4bd869ff4066b42e6f49d2

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://778899aabb.ml:443/Yj2h

Targets

    • Target

      SecuriteInfo.com.BackDoor.Meterpreter.166.30487.16509

    • Size

      303KB

    • MD5

      48073731d6bc08d6edba5cd9e157729a

    • SHA1

      1f45b9d7573d182449935c1d39bde1fb11c7e3bc

    • SHA256

      14bdf9b3bcb10c51b8dc10275ced93259dbf62ce31331ab3ccf6e5317d7a3cf5

    • SHA512

      abbc4b43d620d2c36754509f82fa20b907a1c8018eed48093c1c4897d01248f1f8d6b1e7578f686c5deb12c62d7b89839b9d34f8be4bd869ff4066b42e6f49d2

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • Suspicious use of NtCreateProcessExOtherParentProcess

    • Suspicious use of NtCreateUserProcessOtherParentProcess

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks