metasploit | a80576f241544e6fbd0a229b4d969f9934a77e8dc26f53b1243e7f639f28bcc6 | Triage

Sharing

General

Target

Invoice-1002.pdf
Size

87KB
Sample

210506-ew8jdl6z46
MD5

57e89c28665801cb8448937e05dd89d5
SHA1

5a75811a2db79ad2108188a7d1c3377493383f9e
SHA256

a80576f241544e6fbd0a229b4d969f9934a77e8dc26f53b1243e7f639f28bcc6
SHA512

58720ad2a5b85389f38082a67c1e4aee8b9e248543e3091bad8515ed049b04e3fa684def2c04d3d914e8fdf4fa81e9971d942f8bac53bca14419aa0ffec8cd17

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

172.19.255.48:443

Targets

- Target
  
  Invoice-1002.pdf
- Size
  
  87KB
- MD5
  
  57e89c28665801cb8448937e05dd89d5
- SHA1
  
  5a75811a2db79ad2108188a7d1c3377493383f9e
- SHA256
  
  a80576f241544e6fbd0a229b4d969f9934a77e8dc26f53b1243e7f639f28bcc6
- SHA512
  
  58720ad2a5b85389f38082a67c1e4aee8b9e248543e3091bad8515ed049b04e3fa684def2c04d3d914e8fdf4fa81e9971d942f8bac53bca14419aa0ffec8cd17
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  1002-Contoso.pdf
- Size
  
  72KB
- MD5
  
  b6c91d5c68529f39be286ced0e473a63
- SHA1
  
  cfe3312ace153f13faa6da5defd0bd57c7f85aee
- SHA256
  
  f436586c9c49e46a759d7fa07853b1d5c54ff6c42133db68bd03c97eef4ea997
- SHA512
  
  0d78ed3ceade93596d10419316059faa6f53ecb805f2885055545157009062e2f99b8058b5c77d3e9e9e8b944abdbd3705e37887b4ed52b0168d460af6c669f9
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral3 behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

behavioral3

metasploitbackdoortrojan

behavioral4

metasploitbackdoortrojan