metasploit | 680ab4f205941d4c8eb8702aa83508e0eda56802abf0340c793f21b7975ca414 | Triage

Sharing

General

Target

da69111d0ba32fa46dfcf6dbb30d672d39bf5794951f5c4d69fb378eda4bd1ff.zip
Size

3KB
Sample

230321-rw3mdsba65
MD5

c261a89bb376e60eb8be5dea225d2938
SHA1

9bbd99362c3ee83564ae5a9e166a0bf17ba5078e
SHA256

680ab4f205941d4c8eb8702aa83508e0eda56802abf0340c793f21b7975ca414
SHA512

90fd3d051ba2382e9ced8f0c8c5fa3383736137db9be223a953f6e3b898f87b8ba60e0ec2ecb499b419aa94e13b49302dd274943fffc35f45ca22681c63b06fd

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://45.83.122.166:8080/4YWx

Targets

- Target
  
  da69111d0ba32fa46dfcf6dbb30d672d39bf5794951f5c4d69fb378eda4bd1ff.ps1
- Size
  
  6KB
- MD5
  
  2d14fc0abc9432b32d79353b89b9c294
- SHA1
  
  726b03c1667004bebd77f20d7090fa7b3954721a
- SHA256
  
  da69111d0ba32fa46dfcf6dbb30d672d39bf5794951f5c4d69fb378eda4bd1ff
- SHA512
  
  182f9a7fd862f67c1146309c59e72ab634be64c6d3dcd532efd9ac07b0eba100c90d3ea1b4dd51f0902e4c9d14f51620baa03208e23a66a4a97027f773a4cb5a
- SSDEEP
  
  192:+9iMvwGTCLLmuq3WoR8XycmA4gMrxYjxs+wA9zzL:+YMvNCLeWuUycmA4gMrxYVs+wA9zzL
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan