metasploit | 17b3d6656dd5a00b260a918ea01843d9eacd99edafb7e7709082aa526d69c796 | Triage

Submit
Reports

Overview

overview

Static

static

17b3d6656d...96.msi

windows7-x64

17b3d6656d...96.msi

windows10-2004-x64

Sharing

General

Target

17b3d6656dd5a00b260a918ea01843d9eacd99edafb7e7709082aa526d69c796
Size

124KB
Sample

220724-yg5a1aedaj
MD5

156064a8746202f13f6b1c2a7404272a
SHA1

48e7636fc4ea0e3170a5de5d979961adfec8f612
SHA256

17b3d6656dd5a00b260a918ea01843d9eacd99edafb7e7709082aa526d69c796
SHA512

0947e62030e5ab32dcc1c87d47f3d4244722139f7d7948f9410bcf0ed545906fa1ec31563a4bb5fdc5329ce0962a97fc336631ef9d5bf397a75352033a6bf21f

Score

10^/10

metasploit backdoor trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

17b3d6656dd5a00b260a918ea01843d9eacd99edafb7e7709082aa526d69c796.msi

Resource

win7-20220718-en

metasploit backdoor trojan

windows7-x64

9 signatures

150 seconds

Behavioral task

behavioral2

Sample

17b3d6656dd5a00b260a918ea01843d9eacd99edafb7e7709082aa526d69c796.msi

Resource

win10v2004-20220721-en

metasploit backdoor trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

158.69.130.136:8443

Targets

- Target
  
  17b3d6656dd5a00b260a918ea01843d9eacd99edafb7e7709082aa526d69c796
- Size
  
  124KB
- MD5
  
  156064a8746202f13f6b1c2a7404272a
- SHA1
  
  48e7636fc4ea0e3170a5de5d979961adfec8f612
- SHA256
  
  17b3d6656dd5a00b260a918ea01843d9eacd99edafb7e7709082aa526d69c796
- SHA512
  
  0947e62030e5ab32dcc1c87d47f3d4244722139f7d7948f9410bcf0ed545906fa1ec31563a4bb5fdc5329ce0962a97fc336631ef9d5bf397a75352033a6bf21f
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Executes dropped EXE
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan

© 2018-2024

Terms | Privacy