Overview

overview

10

Static

static

3

6c8ed3fea4...39.exe

windows7-x64

10

6c8ed3fea4...39.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6c8ed3fea4377b29b5c67935833a8daec2f4bcfc3ce60c218bf172657d2cab39.exe

  • Size

    4.6MB

  • Sample

    240106-lyytbschbk

  • MD5

    2a2f7842b3dc5ee4b6c2f6d225dcb6dc

  • SHA1

    49edab8d0c81f7554aa236155f80172393a2df75

  • SHA256

    6c8ed3fea4377b29b5c67935833a8daec2f4bcfc3ce60c218bf172657d2cab39

  • SHA512

    2d83cc70b880e041a065f2c24f418ed786dae5258604caab8cc007fbcf799917a15d52764057123af7edd919be13b34a8b81102e5e1bfc7d3b30478ee5aaa73c

  • SSDEEP

    98304:/PuHQcsibw8SPLeTtSQo5Z8DERxrfExYzrR3nk8Y5TfvtJK:nuwcXMHLKy6txmxk8sJK

Score
10/10
metasploitbackdoorpyinstallertrojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.198.129:6666

Targets

    • Target

      6c8ed3fea4377b29b5c67935833a8daec2f4bcfc3ce60c218bf172657d2cab39.exe

    • Size

      4.6MB

    • MD5

      2a2f7842b3dc5ee4b6c2f6d225dcb6dc

    • SHA1

      49edab8d0c81f7554aa236155f80172393a2df75

    • SHA256

      6c8ed3fea4377b29b5c67935833a8daec2f4bcfc3ce60c218bf172657d2cab39

    • SHA512

      2d83cc70b880e041a065f2c24f418ed786dae5258604caab8cc007fbcf799917a15d52764057123af7edd919be13b34a8b81102e5e1bfc7d3b30478ee5aaa73c

    • SSDEEP

      98304:/PuHQcsibw8SPLeTtSQo5Z8DERxrfExYzrR3nk8Y5TfvtJK:nuwcXMHLKy6txmxk8sJK

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks