metasploit | 3506181995668bb1c5ed1cf0fb42fda61b26347504842d0caa68e923d8c87ecf | Triage

Sharing

General

Target

3506181995668bb1c5ed1cf0fb42fda61b26347504842d0caa68e923d8c87ecf
Size

989KB
Sample

240329-yhyvlsha35
MD5

6113da500f760f50b1f3eba30e025c6a
SHA1

6a9e1fe70cd0fa3e3340af21427adf7e1d16b5a7
SHA256

3506181995668bb1c5ed1cf0fb42fda61b26347504842d0caa68e923d8c87ecf
SHA512

355a2e93248edc540a099819688f9fdb91a3200d730a90d8732f44775ea39bfcfa7cd58bf5f4916a25c2e8fe280c123359aa3275b617509bf82b1858e5e8e6fc
SSDEEP

12288:ffPS8r93IQBrzzjkiqvbJYR8vMVUJ/4gHVL4rESZozxjgM6i:fyw42rpqVY6/+8gs

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://91.92.250.41:80/JLYm

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; BOIE9;ENUSMSE)

Targets

- Target
  
  3506181995668bb1c5ed1cf0fb42fda61b26347504842d0caa68e923d8c87ecf
- Size
  
  989KB
- MD5
  
  6113da500f760f50b1f3eba30e025c6a
- SHA1
  
  6a9e1fe70cd0fa3e3340af21427adf7e1d16b5a7
- SHA256
  
  3506181995668bb1c5ed1cf0fb42fda61b26347504842d0caa68e923d8c87ecf
- SHA512
  
  355a2e93248edc540a099819688f9fdb91a3200d730a90d8732f44775ea39bfcfa7cd58bf5f4916a25c2e8fe280c123359aa3275b617509bf82b1858e5e8e6fc
- SSDEEP
  
  12288:ffPS8r93IQBrzzjkiqvbJYR8vMVUJ/4gHVL4rESZozxjgM6i:fyw42rpqVY6/+8gs
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

metasploitbackdoortrojan