General

  • Target

    tmp

  • Size

    14KB

  • Sample

    231211-qpb1eshbc9

  • MD5

    a9cd040f3de100f802ccbce93bebd7a3

  • SHA1

    ceb22b979c3f2dcd50f659c48241a223bc8b19f3

  • SHA256

    8bfed2fc726e8d292fb7fd8238409aa096b8a17a6030c9aca6995bcbcf6b7a47

  • SHA512

    96597d94c297cd6450bf57adb5859c42d49628c58bb9eec330d666e338a2c39a0f06b0274381d58b7f54492cadd7a1bdde3926196b763d6e88a26e3ed0d2f508

  • SSDEEP

    192:ADH+DgGK83SxHn2OQ/dmBI4KBfTgir+xzx5a07bqUqV/Qjo7AGa:AT+kGKqbOCdWIVBff+xzaAfCXAn

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://81.70.153.38:80/zZ5S

Attributes
  • headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)

Targets

    • Target

      tmp

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
