metasploit | 8b6f0355d65dc93206c440c2a64a3fb9cd6dc798848014529c8bbc872bfb0e02 | Triage

Sharing

General

Target

8b6f0355d65dc93206c440c2a64a3fb9cd6dc798848014529c8bbc872bfb0e02
Size

864KB
Sample

240417-3z4jmsad66
MD5

209184893f466ae457d305a7911a4971
SHA1

ff6af8eb2059c8ec8d73c9217c250d61ad885421
SHA256

8b6f0355d65dc93206c440c2a64a3fb9cd6dc798848014529c8bbc872bfb0e02
SHA512

e31fea944e88fad882f6ce435d0bb5d19c7e4ab67459e6ce23a6a8b43bb13f3205718083717ee8f159c40d647d923e935dbdeab5c7eecd0b2c8c5c3addaa4b20
SSDEEP

24576:G0CjcmSD6dzmPUAQ5YuE8fqG3wE/AsNNvrVl++3:BSdyPM5YOfqG3p/AmTF3

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.124.46:8060

Targets

- Target
  
  8b6f0355d65dc93206c440c2a64a3fb9cd6dc798848014529c8bbc872bfb0e02
- Size
  
  864KB
- MD5
  
  209184893f466ae457d305a7911a4971
- SHA1
  
  ff6af8eb2059c8ec8d73c9217c250d61ad885421
- SHA256
  
  8b6f0355d65dc93206c440c2a64a3fb9cd6dc798848014529c8bbc872bfb0e02
- SHA512
  
  e31fea944e88fad882f6ce435d0bb5d19c7e4ab67459e6ce23a6a8b43bb13f3205718083717ee8f159c40d647d923e935dbdeab5c7eecd0b2c8c5c3addaa4b20
- SSDEEP
  
  24576:G0CjcmSD6dzmPUAQ5YuE8fqG3wE/AsNNvrVl++3:BSdyPM5YOfqG3p/AmTF3
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Suspicious use of NtSetInformationThreadHideFromDebugger
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan