Overview

overview

10

Static

static

10

payload.exe

windows7-x64

10

payload.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    payload.exe

  • Size

    72KB

  • Sample

    230324-qsr6taef54

  • MD5

    d2aebd19c5bc98b5534b1f83e667fde3

  • SHA1

    79dde83322e66efd01b49f94171c63171b435d15

  • SHA256

    4019913a4bcaace8697e23821dcbaa47e55a5b3d2e43961cb49c08b3679f74a9

  • SHA512

    925cdcc55d2ef8588460df4f39f2fa0def15bd5ae7379d88ca46352e1553eeb0d9483162b85afe9312c15b4cbf1b0893ddbacedf5a091410c8d2ba3ae15d9c39

  • SSDEEP

    1536:I+iT04DeHtCn5fsoPflX8I5UBMb+KR0Nc8QsJq39:soMeHtCdPzSe0Nc8QsC9

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp_allports

C2

46.101.123.187:8181

Targets

    • Target

      payload.exe

    • Size

      72KB

    • MD5

      d2aebd19c5bc98b5534b1f83e667fde3

    • SHA1

      79dde83322e66efd01b49f94171c63171b435d15

    • SHA256

      4019913a4bcaace8697e23821dcbaa47e55a5b3d2e43961cb49c08b3679f74a9

    • SHA512

      925cdcc55d2ef8588460df4f39f2fa0def15bd5ae7379d88ca46352e1553eeb0d9483162b85afe9312c15b4cbf1b0893ddbacedf5a091410c8d2ba3ae15d9c39

    • SSDEEP

      1536:I+iT04DeHtCn5fsoPflX8I5UBMb+KR0Nc8QsJq39:soMeHtCdPzSe0Nc8QsC9

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks