metasploit | d07289e0a36b684ab1713487300a12afc15a2e63e500cd3410fb02625274c40c | Triage

Sharing

General

Target

d07289e0a36b684ab1713487300a12afc15a2e63e500cd3410fb02625274c40c
Size

7.5MB
Sample

240330-n5yg9afa99
MD5

fbd3b3d1068a63d0f590b7c648e7d9ac
SHA1

eff889d0af9514940521e5250fda13ab11637844
SHA256

d07289e0a36b684ab1713487300a12afc15a2e63e500cd3410fb02625274c40c
SHA512

006d71b0735211bac342912fad59b792d58e46b5e5e9fec931ceb66d587fa56f834b18791ea8b18e0f0e09e4eb6af41aa97a1b95c7532490651882277e5d2142
SSDEEP

196608:q6F2SW2A/+B/m0iuFvhsadjS20dNOM/5:L289f5xhsoS20dNDh

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

103.146.230.238:9612

Targets

- Target
  
  d07289e0a36b684ab1713487300a12afc15a2e63e500cd3410fb02625274c40c
- Size
  
  7.5MB
- MD5
  
  fbd3b3d1068a63d0f590b7c648e7d9ac
- SHA1
  
  eff889d0af9514940521e5250fda13ab11637844
- SHA256
  
  d07289e0a36b684ab1713487300a12afc15a2e63e500cd3410fb02625274c40c
- SHA512
  
  006d71b0735211bac342912fad59b792d58e46b5e5e9fec931ceb66d587fa56f834b18791ea8b18e0f0e09e4eb6af41aa97a1b95c7532490651882277e5d2142
- SSDEEP
  
  196608:q6F2SW2A/+B/m0iuFvhsadjS20dNOM/5:L289f5xhsoS20dNDh
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan