Overview

overview

10

Static

static

10

36ae49b1a7...21.exe

windows7-x64

10

36ae49b1a7...21.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    36ae49b1a75c2b3ecb3265f0c427d0d36db6455892d006b62832f2213a44fc21

  • Size

    333KB

  • Sample

    221129-lsz47sge76

  • MD5

    44d175d19edcdb6b3ae647f10c5287a0

  • SHA1

    c194de17da509b302ebd60bde04c437cda90a50c

  • SHA256

    36ae49b1a75c2b3ecb3265f0c427d0d36db6455892d006b62832f2213a44fc21

  • SHA512

    b5ec9c39704137c1acb62804ff089db58fd1ff6b45c1655c8a4b32da87564b034bd862e6fd83b3bab29518c806399d067d485f4012f8044abdaf2851a5866fbc

  • SSDEEP

    6144:iyitl5T6u1YsB5oBo/ZTk3T2A6LYiViu2Iy67c2C2R:YtlJYsB5M36AaiFIy6zR

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

161.246.5.153:4444

Targets

    • Target

      36ae49b1a75c2b3ecb3265f0c427d0d36db6455892d006b62832f2213a44fc21

    • Size

      333KB

    • MD5

      44d175d19edcdb6b3ae647f10c5287a0

    • SHA1

      c194de17da509b302ebd60bde04c437cda90a50c

    • SHA256

      36ae49b1a75c2b3ecb3265f0c427d0d36db6455892d006b62832f2213a44fc21

    • SHA512

      b5ec9c39704137c1acb62804ff089db58fd1ff6b45c1655c8a4b32da87564b034bd862e6fd83b3bab29518c806399d067d485f4012f8044abdaf2851a5866fbc

    • SSDEEP

      6144:iyitl5T6u1YsB5oBo/ZTk3T2A6LYiViu2Iy67c2C2R:YtlJYsB5M36AaiFIy6zR

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks