metasploit | a6d83d134a7fdc7dafdddfdb8b5f0e8a41d3396d02915fb0beef7f2d3a7025bc | Triage

Submit
Reports

Overview

overview

Static

static

8

SecuriteIn...11.doc

windows7_x64

SecuriteIn...11.doc

windows10_x64

Sharing

General

Target

SecuriteInfo.com.VB.Heur2.EmoDldr.5.700FC47C.Gen.13195.5911
Size

68KB
Sample

210226-bdxpwdehqa
MD5

40f29a4e81362d9a05688a5eb279bcd6
SHA1

98bacf0e21570110c64672dd8f666f6490f28faa
SHA256

a6d83d134a7fdc7dafdddfdb8b5f0e8a41d3396d02915fb0beef7f2d3a7025bc
SHA512

93a19ad096579089fdcb87463acbbaf8711a4a44ab9f5fc5be3476ff92a59adc7e2b4b9a72cfce5d58499902bf418c72028235f33cd5db7c9ea026ffb04673e5

Score

10^/10

metasploit backdoor macro macro_on_action trojan

Static task

static1

macro macro_on_action

Behavioral task

behavioral1

Sample

SecuriteInfo.com.VB.Heur2.EmoDldr.5.700FC47C.Gen.13195.5911.doc

Resource

win7v20201028

metasploit backdoor trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

SecuriteInfo.com.VB.Heur2.EmoDldr.5.700FC47C.Gen.13195.5911.doc

Resource

win10v20201028

metasploit backdoor trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://remote.viowi.org:443/thumb/preview.gif

Targets

- Target
  
  SecuriteInfo.com.VB.Heur2.EmoDldr.5.700FC47C.Gen.13195.5911
- Size
  
  68KB
- MD5
  
  40f29a4e81362d9a05688a5eb279bcd6
- SHA1
  
  98bacf0e21570110c64672dd8f666f6490f28faa
- SHA256
  
  a6d83d134a7fdc7dafdddfdb8b5f0e8a41d3396d02915fb0beef7f2d3a7025bc
- SHA512
  
  93a19ad096579089fdcb87463acbbaf8711a4a44ab9f5fc5be3476ff92a59adc7e2b4b9a72cfce5d58499902bf418c72028235f33cd5db7c9ea026ffb04673e5
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

macromacro_on_action

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan

© 2018-2024

Terms | Privacy