metasploit | d819bda110e3afa9682e7f9b741571b3015c8818e340cf01132ca632717ab178 | Triage

Sharing

General

Target

KmsRNyL4oQ.exe
Size

6.4MB
Sample

220601-s48n2shec9
MD5

d9170f66194db0d9f605edd0dc6c69ca
SHA1

063d5e6a67d18698baa3654a3e7771a3b1a03203
SHA256

d819bda110e3afa9682e7f9b741571b3015c8818e340cf01132ca632717ab178
SHA512

dd5622bd69f55e78ecd6c9d5e36c9972d6c773a3a3a7f8d6a958cf81869df776cc771a750dbdb98fd393ca3cf380ddd272c645c507fac5b3335e43908d5e5002

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

0.0.0.0:0

Targets

- Target
  
  KmsRNyL4oQ.exe
- Size
  
  6.4MB
- MD5
  
  d9170f66194db0d9f605edd0dc6c69ca
- SHA1
  
  063d5e6a67d18698baa3654a3e7771a3b1a03203
- SHA256
  
  d819bda110e3afa9682e7f9b741571b3015c8818e340cf01132ca632717ab178
- SHA512
  
  dd5622bd69f55e78ecd6c9d5e36c9972d6c773a3a3a7f8d6a958cf81869df776cc771a750dbdb98fd393ca3cf380ddd272c645c507fac5b3335e43908d5e5002
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan