Overview

overview

10

Static

static

227e8678d8...f9.exe

windows7_x64

10

227e8678d8...f9.exe

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    227e8678d85bff501bb909e0d61ee25554bf99c94e47c0194da53e7c246687f9

  • Size

    1.0MB

  • Sample

    220127-z81mkabch3

  • MD5

    af064499da08c11936e3c1d66acae650

  • SHA1

    8cb2db16546062d3b262a61c5a9c1f025662f19d

  • SHA256

    227e8678d85bff501bb909e0d61ee25554bf99c94e47c0194da53e7c246687f9

  • SHA512

    0540d3fdaf5a0d8ea05647bca0967467725148dc8fe7f97705218000fa38bbad4d31abc03cfd2ba0bb532c73cdebec53f9a78e83b5488e3b59a6458afd5edbd2

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

    • Target

      227e8678d85bff501bb909e0d61ee25554bf99c94e47c0194da53e7c246687f9

    • Size

      1.0MB

    • MD5

      af064499da08c11936e3c1d66acae650

    • SHA1

      8cb2db16546062d3b262a61c5a9c1f025662f19d

    • SHA256

      227e8678d85bff501bb909e0d61ee25554bf99c94e47c0194da53e7c246687f9

    • SHA512

      0540d3fdaf5a0d8ea05647bca0967467725148dc8fe7f97705218000fa38bbad4d31abc03cfd2ba0bb532c73cdebec53f9a78e83b5488e3b59a6458afd5edbd2

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks