metasploit | ba739a3d29ccde2021633e2fba2269e2b97b3e232c2eb1af9b98f1dc44d1c45d | Triage

Sharing

General

Target

b9083ead1fdc81269658a0442dff49fb
Size

29.7MB
Sample

240307-sj1gyafb7v
MD5

b9083ead1fdc81269658a0442dff49fb
SHA1

baa1c6ce87d4d76c064e73092e9181c8077d4f80
SHA256

ba739a3d29ccde2021633e2fba2269e2b97b3e232c2eb1af9b98f1dc44d1c45d
SHA512

39363f9d96ada4e7560f69767ced220dc4953d3aa0a86d90bc5a440e2d60064c137eb877b8f977ecc06a222af634c9f3bd99c2bc1ccbcade7bb067b0ea38c425
SSDEEP

786432:s3K9PPIR4mQfn287Yfvszax3uwR1CeNRgushjsoWUWKgGk5fk:wKBq4mQf28c2ax3Z7gZhjZWUWKgx5k

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

10.21.208.201:4444

Targets

- Target
  
  b9083ead1fdc81269658a0442dff49fb
- Size
  
  29.7MB
- MD5
  
  b9083ead1fdc81269658a0442dff49fb
- SHA1
  
  baa1c6ce87d4d76c064e73092e9181c8077d4f80
- SHA256
  
  ba739a3d29ccde2021633e2fba2269e2b97b3e232c2eb1af9b98f1dc44d1c45d
- SHA512
  
  39363f9d96ada4e7560f69767ced220dc4953d3aa0a86d90bc5a440e2d60064c137eb877b8f977ecc06a222af634c9f3bd99c2bc1ccbcade7bb067b0ea38c425
- SSDEEP
  
  786432:s3K9PPIR4mQfn287Yfvszax3uwR1CeNRgushjsoWUWKgGk5fk:wKBq4mQf28c2ax3Z7gZhjZWUWKgx5k
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan