Overview

overview

10

Static

static

7

Powerfull-fud.exe

windows7-x64

10

Powerfull-fud.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Powerfull-fud.exe

  • Size

    1.8MB

  • Sample

    230720-ndt1ragb69

  • MD5

    bd22f2cc28952149865f1cad07fce151

  • SHA1

    d2d5c6d8e96f8d482d699cebc41f26c36133b4d0

  • SHA256

    11ea03b8c99fafb3c5bdc506918118202294fd8afe2b1880f813ed0f09434b1c

  • SHA512

    236e23049a810b9fce895ba08188767885ceff68082ee8572673c80558694c8c2df2f0791d8069b89797225b6ec5a775dae818f7fae616eac535cf99a666c067

  • SSDEEP

    49152:9anUJUDYfzKQKzbbKXQDtNH/NjA9DJWjn076c:9anZ0zAEa/VA7/2c

Score
10/10
metasploitbackdoortrojanupx

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

74.207.240.21:9289

Targets

    • Target

      Powerfull-fud.exe

    • Size

      1.8MB

    • MD5

      bd22f2cc28952149865f1cad07fce151

    • SHA1

      d2d5c6d8e96f8d482d699cebc41f26c36133b4d0

    • SHA256

      11ea03b8c99fafb3c5bdc506918118202294fd8afe2b1880f813ed0f09434b1c

    • SHA512

      236e23049a810b9fce895ba08188767885ceff68082ee8572673c80558694c8c2df2f0791d8069b89797225b6ec5a775dae818f7fae616eac535cf99a666c067

    • SSDEEP

      49152:9anUJUDYfzKQKzbbKXQDtNH/NjA9DJWjn076c:9anZ0zAEa/VA7/2c

    Score
    10/10
    metasploitbackdoortrojanupx

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks