metasploit | 0685a699fb13d6bc99b6aee35381acf77b00155d56e7448a300aa308fd07598c | Triage

Submit
Reports

Overview

overview

Static

static

Windows 7 VM

windows7_x64

Windows 10 VM

windows10_x64

Sharing

General

Target

Avast-Setup-v8.56.msi
Size

156KB
Sample

210509-vzg5hd6s6j
MD5

a31c17a0a4a0d3caf0472c747c890d1a
SHA1

2022484abc139e3643dcf2e1f29a0e52564e738f
SHA256

0685a699fb13d6bc99b6aee35381acf77b00155d56e7448a300aa308fd07598c
SHA512

b551814e1056a96298fab0de7bdc3d746ff7db07cdb0d3b5dc39ee8fc260e03de8b7b329226ce8dbc50bcd809bb8d335fd0de7f2eddf5748d1ed990b5ff0af14

Score

10^/10

metasploit backdoor macro trojan xlm

Static task

static1

macro xlm metasploit

Behavioral task

behavioral1

Sample

Avast-Setup-v8.56.msi

Resource

win7v20210410

metasploit backdoor trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Avast-Setup-v8.56.msi

Resource

win10v20210408

metasploit backdoor trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

3.141.210.37:18573

Targets

- Target
  
  Avast-Setup-v8.56.msi
- Size
  
  156KB
- MD5
  
  a31c17a0a4a0d3caf0472c747c890d1a
- SHA1
  
  2022484abc139e3643dcf2e1f29a0e52564e738f
- SHA256
  
  0685a699fb13d6bc99b6aee35381acf77b00155d56e7448a300aa308fd07598c
- SHA512
  
  b551814e1056a96298fab0de7bdc3d746ff7db07cdb0d3b5dc39ee8fc260e03de8b7b329226ce8dbc50bcd809bb8d335fd0de7f2eddf5748d1ed990b5ff0af14
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

macroxlmmetasploit

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan

© 2018-2024

Terms | Privacy