metasploit

User tags

Assigned on submission by the user, not by sandbox detections.

Threatview.io Proactive Hunter

Sharing

Copy URL

Twitter E-mail

General

Target

079_Apprentice_LM.exe
Size

2.6MB
Sample

230519-clarasdd9v
MD5

7a74c18c02ad2e5935f3f3aa2c66582f
SHA1

9cecb86ff2dd2b1574eb7d5c47024c7212ffd647
SHA256

dd365bece1468d674807de41d98a37f039c663209c98d649431ef77a6f1debcb
SHA512

8de3af6a6fcf2484085a86d7fee8e9e4a532c3a3d6136e5cfbecc05e798e29fcf34379fd9cb9ad19ed56b9aa9ba2a16eb4f23c94a36bc4826be0adf1b276194a
SSDEEP

24576:n0GFGKkcetCKwKCeWmPzGty4fYnln66SNQiB/ZiOKPWadgWwUwAFoSR8eMlRrtbk:H2htllWEQYnlnqBBZqRJoA2zZbWN

Score

10^/10

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_http

http://193.117.208.107:7200/FYUZRPJCYUWHaYZo5LIiKQ8leDzCwa4m62rmVgRuMXuLW7xVKXogGfa9xq_4QrNB4KGaVdln1xv0UzGHXgpULNPWYATkGbBXkEvkm3nZZO91cn1ogYh7_Bq4A8DwTiE_vmENYTxK2JmaqyDxTFVQ9fO-HkLR_ePsEeJ1sqQ6P7lu8zlCSoEw3bgP5ZScOsC0Uc_odzkatGXZGpAFYjmo

Targets

- Target
  
  079_Apprentice_LM.exe
- Size
  
  2.6MB
- MD5
  
  7a74c18c02ad2e5935f3f3aa2c66582f
- SHA1
  
  9cecb86ff2dd2b1574eb7d5c47024c7212ffd647
- SHA256
  
  dd365bece1468d674807de41d98a37f039c663209c98d649431ef77a6f1debcb
- SHA512
  
  8de3af6a6fcf2484085a86d7fee8e9e4a532c3a3d6136e5cfbecc05e798e29fcf34379fd9cb9ad19ed56b9aa9ba2a16eb4f23c94a36bc4826be0adf1b276194a
- SSDEEP
  
  24576:n0GFGKkcetCKwKCeWmPzGty4fYnln66SNQiB/ZiOKPWadgWwUwAFoSR8eMlRrtbk:H2htllWEQYnlnqBBZqRJoA2zZbWN
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

User tags

Sharing

General

Malware Config

Extracted

Targets

Executes dropped EXE

Loads dropped DLL

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2