metasploit | 64672e440233c0624ba97623be556888f354c3672b6623302be7f2f0e49a8d7b | Triage

Sharing

General

Target

Aws_x86.exe
Size

14KB
Sample

240112-ym5tqafba7
MD5

29faf60a5e4334150dcf1188f2cc5d02
SHA1

38e5b26f846f08c0861086eaddef993b6328a53d
SHA256

64672e440233c0624ba97623be556888f354c3672b6623302be7f2f0e49a8d7b
SHA512

abe497cb66e8ced67e8af731335fcd298ca2c4a662f7d24ab5b409fd9b51b8b048195e08cb345f2f68e7b58ce259bde2a6dcf931ba34e830b32a4c12efbc4631
SSDEEP

192:D3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOQ3shejDMN1:KMCfrfQ6tBSIWceUN1

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://54.186.231.5:8000/iRm4

Attributes

headers User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)

Targets

- Target
  
  Aws_x86.exe
- Size
  
  14KB
- MD5
  
  29faf60a5e4334150dcf1188f2cc5d02
- SHA1
  
  38e5b26f846f08c0861086eaddef993b6328a53d
- SHA256
  
  64672e440233c0624ba97623be556888f354c3672b6623302be7f2f0e49a8d7b
- SHA512
  
  abe497cb66e8ced67e8af731335fcd298ca2c4a662f7d24ab5b409fd9b51b8b048195e08cb345f2f68e7b58ce259bde2a6dcf931ba34e830b32a4c12efbc4631
- SSDEEP
  
  192:D3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOQ3shejDMN1:KMCfrfQ6tBSIWceUN1
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan