metasploit | a9065daea54083ef8f8496d8120fd5aafb5cd64699f0ea241b2ad96f08fb9e2c | Triage

Sharing

General

Target

62.exe
Size

17KB
Sample

230817-v87zesda6s
MD5

c057a7606fbf30b436abd1a54c120e5b
SHA1

2a265c41281f39bd682e19bf223a83b878f541ee
SHA256

a9065daea54083ef8f8496d8120fd5aafb5cd64699f0ea241b2ad96f08fb9e2c
SHA512

baaa36cff95808633402c794abc354d8018eb1492b4e71ad0e48e32685cf7d8f756fecc47c8c3bbea41a6b5ef264fb3bb00574d16777fab5df2a6604642fe402
SSDEEP

384:9EEoLO56ayzcMj+2+X+Kc9IDqwFCYgaw7hwmc39nfTlyv7yJC/:aE8O56lcV2+XCXYgaw7zctfTlyv7yJC/

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

173.212.219.45:6006

Targets

- Target
  
  62.exe
- Size
  
  17KB
- MD5
  
  c057a7606fbf30b436abd1a54c120e5b
- SHA1
  
  2a265c41281f39bd682e19bf223a83b878f541ee
- SHA256
  
  a9065daea54083ef8f8496d8120fd5aafb5cd64699f0ea241b2ad96f08fb9e2c
- SHA512
  
  baaa36cff95808633402c794abc354d8018eb1492b4e71ad0e48e32685cf7d8f756fecc47c8c3bbea41a6b5ef264fb3bb00574d16777fab5df2a6604642fe402
- SSDEEP
  
  384:9EEoLO56ayzcMj+2+X+Kc9IDqwFCYgaw7hwmc39nfTlyv7yJC/:aE8O56lcV2+XCXYgaw7zctfTlyv7yJC/
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan