General

  • Target

    a1bc48d75bee7b2afcd7e035effda4960d9346f7fd087b05a53cc0ca539175f2

  • Size

    313KB

  • Sample

    220520-dtpe4afce4

  • MD5

    ab99d86641bc4e215cd5c5cb7901f296

  • SHA1

    60ae30ec44ee3eb2d057717ccaf7ad2b0b5cdb81

  • SHA256

    a1bc48d75bee7b2afcd7e035effda4960d9346f7fd087b05a53cc0ca539175f2

  • SHA512

    23a129543a547cc147b20d55e8bd8657cc6e400bb048825220e033ed9e7e0552c6981eb4a8cfb309b78cf8ae72e3f164fc355a9c4acace4ded291c1dfcd95c7a

Targets

    • Target

      a1bc48d75bee7b2afcd7e035effda4960d9346f7fd087b05a53cc0ca539175f2

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.
