General
-
Target
SecuriteInfo.com.BackDoor.Meterpreter.166.30487.16509
-
Size
303KB
-
Sample
201224-8n9mv167e2
-
MD5
48073731d6bc08d6edba5cd9e157729a
-
SHA1
1f45b9d7573d182449935c1d39bde1fb11c7e3bc
-
SHA256
14bdf9b3bcb10c51b8dc10275ced93259dbf62ce31331ab3ccf6e5317d7a3cf5
-
SHA512
abbc4b43d620d2c36754509f82fa20b907a1c8018eed48093c1c4897d01248f1f8d6b1e7578f686c5deb12c62d7b89839b9d34f8be4bd869ff4066b42e6f49d2
Static task
static1
Behavioral task
behavioral1
Sample
SecuriteInfo.com.BackDoor.Meterpreter.166.30487.16509.exe
Resource
win7v20201028
Behavioral task
behavioral2
Sample
SecuriteInfo.com.BackDoor.Meterpreter.166.30487.16509.exe
Resource
win10v20201028
Malware Config
Extracted
metasploit
windows/download_exec
http://778899aabb.ml:443/Yj2h
Targets
-
-
Target
SecuriteInfo.com.BackDoor.Meterpreter.166.30487.16509
-
Size
303KB
-
MD5
48073731d6bc08d6edba5cd9e157729a
-
SHA1
1f45b9d7573d182449935c1d39bde1fb11c7e3bc
-
SHA256
14bdf9b3bcb10c51b8dc10275ced93259dbf62ce31331ab3ccf6e5317d7a3cf5
-
SHA512
abbc4b43d620d2c36754509f82fa20b907a1c8018eed48093c1c4897d01248f1f8d6b1e7578f686c5deb12c62d7b89839b9d34f8be4bd869ff4066b42e6f49d2
Score10/10-
MetaSploit
Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
-
Suspicious use of NtCreateProcessExOtherParentProcess
-
Suspicious use of NtCreateUserProcessOtherParentProcess
-