Overview

overview

10

Static

static

3

3ac5a94279...16.exe

windows7-x64

10

3ac5a94279...16.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3ac5a942797b111f4ba7a9304f5c36fdb179cac8be47997011c2de540e1e8d16

  • Size

    1.6MB

  • Sample

    240330-rhptdagg94

  • MD5

    32d166eed8b91ac09e11a0f6f7be40db

  • SHA1

    7f8adfccab9213aa0235719bddd0d2e67bce96b3

  • SHA256

    3ac5a942797b111f4ba7a9304f5c36fdb179cac8be47997011c2de540e1e8d16

  • SHA512

    f1ce3ef3f247852673532542af8264414b7a4ce6f9173f2dd2369a8ac6b4ca38b4e82c2b39fc4c6a5684309258770fa3c8b86a8ba60eeebc7332ddb677afd92a

  • SSDEEP

    49152:c8Ekly3vrb/T7vO90d7HjmAFd4A64nsfJeUvDgALNCpMWD1:Q3+

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

23.227.194.212:8443

Targets

    • Target

      3ac5a942797b111f4ba7a9304f5c36fdb179cac8be47997011c2de540e1e8d16

    • Size

      1.6MB

    • MD5

      32d166eed8b91ac09e11a0f6f7be40db

    • SHA1

      7f8adfccab9213aa0235719bddd0d2e67bce96b3

    • SHA256

      3ac5a942797b111f4ba7a9304f5c36fdb179cac8be47997011c2de540e1e8d16

    • SHA512

      f1ce3ef3f247852673532542af8264414b7a4ce6f9173f2dd2369a8ac6b4ca38b4e82c2b39fc4c6a5684309258770fa3c8b86a8ba60eeebc7332ddb677afd92a

    • SSDEEP

      49152:c8Ekly3vrb/T7vO90d7HjmAFd4A64nsfJeUvDgALNCpMWD1:Q3+

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

3
T1012

System Information Discovery

4
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks