Overview

overview

10

Static

static

3

fb9e50c7b4...8f.exe

windows7-x64

10

fb9e50c7b4...8f.exe

windows10-2004-x64

10

Sharing

Copy URL Twitter E-mail

General

  • Target

    fb9e50c7b41f589eb30ab444c97d762b88b53c8c60a1b0a6be520a74bdf6b98f

  • Size

    36KB

  • Sample

    231001-h511gsah52

  • MD5

    46b921028d84962a02a75d654f691762

  • SHA1

    c63256908e5dfefbe096e24a8fcb5ff11ae450d2

  • SHA256

    fb9e50c7b41f589eb30ab444c97d762b88b53c8c60a1b0a6be520a74bdf6b98f

  • SHA512

    99338cb2b882eaca38c8ce3246196144e914ee639063d4ee583a8dc7c2c74af14e8736f389e3d688e34084a36ab4a41c22fd65b57f632000402384e6cbfd2c71

  • SSDEEP

    384:9ilsxZImcmMwt2QPsApVBOQe+jmxr4wPhVZvF/dFB8AZ:9ilcKfmMu2QPZpVwh1hVBFFFB8

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://123.60.171.65:7878/FtRP

Attributes
  • headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUS)

Targets

    • Target

      fb9e50c7b41f589eb30ab444c97d762b88b53c8c60a1b0a6be520a74bdf6b98f

    • Size

      36KB

    • MD5

      46b921028d84962a02a75d654f691762

    • SHA1

      c63256908e5dfefbe096e24a8fcb5ff11ae450d2

    • SHA256

      fb9e50c7b41f589eb30ab444c97d762b88b53c8c60a1b0a6be520a74bdf6b98f

    • SHA512

      99338cb2b882eaca38c8ce3246196144e914ee639063d4ee583a8dc7c2c74af14e8736f389e3d688e34084a36ab4a41c22fd65b57f632000402384e6cbfd2c71

    • SSDEEP

      384:9ilsxZImcmMwt2QPsApVBOQe+jmxr4wPhVZvF/dFB8AZ:9ilcKfmMu2QPZpVwh1hVBFFFB8

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks