metasploit | f312af33b6d35d2ef35e57d5f48fe8a17ac90389c9cd6b8668c2f2eee6b24c50 | Triage

Sharing

General

Target

f312af33b6d35d2ef35e57d5f48fe8a17ac90389c9cd6b8668c2f2eee6b24c50
Size

144KB
Sample

221011-g3pc8shhc5
MD5

782f95a7f9adf367afb99363df1414fa
SHA1

070961d176e1d3ee0b36d54ee00835d403b38d9c
SHA256

f312af33b6d35d2ef35e57d5f48fe8a17ac90389c9cd6b8668c2f2eee6b24c50
SHA512

ed6efbeee289755a17b9bebbc71c764c79d35045695713e629fbf14ea2374598d6e620cf1d298455cc56231929395436f4879b1ce48df9934dad856d9d090f13
SSDEEP

1536:vefK91Of5uKsOSIG6l31SvSNp4Gven5Lqd/n4018eMSrpl:vcOORu3OvG21DNpMmdb59rpl

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

200.0.0.162:4443

Targets

- Target
  
  f312af33b6d35d2ef35e57d5f48fe8a17ac90389c9cd6b8668c2f2eee6b24c50
- Size
  
  144KB
- MD5
  
  782f95a7f9adf367afb99363df1414fa
- SHA1
  
  070961d176e1d3ee0b36d54ee00835d403b38d9c
- SHA256
  
  f312af33b6d35d2ef35e57d5f48fe8a17ac90389c9cd6b8668c2f2eee6b24c50
- SHA512
  
  ed6efbeee289755a17b9bebbc71c764c79d35045695713e629fbf14ea2374598d6e620cf1d298455cc56231929395436f4879b1ce48df9934dad856d9d090f13
- SSDEEP
  
  1536:vefK91Of5uKsOSIG6l31SvSNp4Gven5Lqd/n4018eMSrpl:vcOORu3OvG21DNpMmdb59rpl
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan