Overview

overview

10

Static

static

4b06e671ab...b4.exe

windows7-x64

10

4b06e671ab...b4.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4b06e671abc4b73aaa4382637592f863a23267ba85c2c878a12972cb72b904b4

  • Size

    123KB

  • Sample

    220919-ay6cmachhk

  • MD5

    97dc996e0452430e8baf53892eab60af

  • SHA1

    8954401eac73256dd11bc237a9f473af8f24cb4f

  • SHA256

    4b06e671abc4b73aaa4382637592f863a23267ba85c2c878a12972cb72b904b4

  • SHA512

    cee7bae760e351866dea0515f40eda7aca218b30c05e01ae34ff145bdf2e6efe9e8ccd087ab904c8b5b7e797c21f1a350789659f29b06c1d151875cc8e85b742

  • SSDEEP

    3072:sEvb4VxIJBCL3ce5ncyzG23UbuasNPp4boJi0oIDVc/hIPGl/CKWMCs13ymXh:s0b4VxIJBCL3ce5ncyzG23UbuasNPp45

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

    • Target

      4b06e671abc4b73aaa4382637592f863a23267ba85c2c878a12972cb72b904b4

    • Size

      123KB

    • MD5

      97dc996e0452430e8baf53892eab60af

    • SHA1

      8954401eac73256dd11bc237a9f473af8f24cb4f

    • SHA256

      4b06e671abc4b73aaa4382637592f863a23267ba85c2c878a12972cb72b904b4

    • SHA512

      cee7bae760e351866dea0515f40eda7aca218b30c05e01ae34ff145bdf2e6efe9e8ccd087ab904c8b5b7e797c21f1a350789659f29b06c1d151875cc8e85b742

    • SSDEEP

      3072:sEvb4VxIJBCL3ce5ncyzG23UbuasNPp4boJi0oIDVc/hIPGl/CKWMCs13ymXh:s0b4VxIJBCL3ce5ncyzG23UbuasNPp45

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • Suspicious use of SetThreadContext

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks