metasploit | 4e010f8f24bdd07321988fae0b6392219296a2cfd49101b7d9c8c48d35baf0d6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

secure.exe
Size

72KB
Sample

231013-e3xnhafh32
MD5

51b443ac219e5873e99958de1352457c
SHA1

91ff96cc526147301fd7936f3fd27573e73b1fef
SHA256

4e010f8f24bdd07321988fae0b6392219296a2cfd49101b7d9c8c48d35baf0d6
SHA512

1436d221d216922a40fcee1a044a3e03c856322208eab8e09400eb871cecdd4132f8fb90100c25c424b54d6f5d98a407538644d0cf6e1b201932c56a69a6f691
SSDEEP

1536:ImnD3x3VxS1eAThufNNtExEjoHTvYnOMHrIUq15Mb+KR0Nc8QsJq39:XDLx0eAQcyoHTvYnNrIUqne0Nc8QsC9

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_http

C2

http://94.131.111.223:8443/Q6vaLb13IOE5TThMXEmvhwvnTwgPGKRTQYaJKYwwUOI9KeGq7cF_-rQYGhroRKLCLG-h-xCxCM3s2xcDIwlASsL2nurdqWt4IlJiv

Targets

- Target
  
  secure.exe
- Size
  
  72KB
- MD5
  
  51b443ac219e5873e99958de1352457c
- SHA1
  
  91ff96cc526147301fd7936f3fd27573e73b1fef
- SHA256
  
  4e010f8f24bdd07321988fae0b6392219296a2cfd49101b7d9c8c48d35baf0d6
- SHA512
  
  1436d221d216922a40fcee1a044a3e03c856322208eab8e09400eb871cecdd4132f8fb90100c25c424b54d6f5d98a407538644d0cf6e1b201932c56a69a6f691
- SSDEEP
  
  1536:ImnD3x3VxS1eAThufNNtExEjoHTvYnOMHrIUq15Mb+KR0Nc8QsJq39:XDLx0eAQcyoHTvYnNrIUqne0Nc8QsC9
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Downloads MZ/PE file
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan