Overview

overview

10

Static

static

10

file1.pdf

windows10-2004-x64

1

template.exe

windows10-2004-x64

10

Resubmissions

29-03-2023 02:56

230329-dfhemagb71 10

27-03-2023 01:19

230327-bpqfgsch5v 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    file1

  • Size

    45KB

  • Sample

    230329-dfhemagb71

  • MD5

    ea69f9b813723dacf9070d008d03d73b

  • SHA1

    023a8a97234f24243ef042a6c3eda7d1b1e50268

  • SHA256

    589545c19e5c57de1599753de5b318221a200f1943809eea8478b7ee27383ddc

  • SHA512

    af77414e1e493264cafeccc24f74245a56cc0a6227c17d8f104437a47dae6d1d013866d5b619fa9136689ccd9ddd0f9b0d1c97bd19fef71accca275a19ed99f9

  • SSDEEP

    768:cwIzQVWtiRB8KqonmMvwrSi+8ory04GyckhmZ1fIewdRb3fE4PI1APVRNpP4X:cc2Kqobvw9PbtcUmbI3TPw2DLP4X

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

4.50.4.50:8080

Targets

    • Target

      file1

    • Size

      45KB

    • MD5

      ea69f9b813723dacf9070d008d03d73b

    • SHA1

      023a8a97234f24243ef042a6c3eda7d1b1e50268

    • SHA256

      589545c19e5c57de1599753de5b318221a200f1943809eea8478b7ee27383ddc

    • SHA512

      af77414e1e493264cafeccc24f74245a56cc0a6227c17d8f104437a47dae6d1d013866d5b619fa9136689ccd9ddd0f9b0d1c97bd19fef71accca275a19ed99f9

    • SSDEEP

      768:cwIzQVWtiRB8KqonmMvwrSi+8ory04GyckhmZ1fIewdRb3fE4PI1APVRNpP4X:cc2Kqobvw9PbtcUmbI3TPw2DLP4X

    Score
    1/10
    behavioral1

    • Target

      template.pdf

    • Size

      72KB

    • MD5

      79365fd915f87771cde5bd6d23fe3850

    • SHA1

      081c78eabc9b55c3819d15712d0b16b5b9fb7ac8

    • SHA256

      503c017c97f8168ecb5e8bec8efb41bb0fe6ca1e4dcb520cae3ea85bcbafc68c

    • SHA512

      811451d282d4668308b1f458cb6f3171e173f773a9b321e800999dab783b3a2793e819f479d5eb01292a621c1cdd657b74c35ca2b892c8ca935f803ad0e9ba8f

    • SSDEEP

      1536:IMESeoGQYeWDYKNvMMghMb+KR0Nc8QsJq39:veoGQYe4Mpe0Nc8QsC9

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit
    behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks