General

  • Target

    dfebd8c7c69ad9b496a30d30812c3742b72417782d9705bc9d1b236189b4241f

  • Size

    14KB

  • Sample

    240418-hv8ycafe8s

  • MD5

    ee141f78739c3a894210e7498a71af94

  • SHA1

    3b28add0562f16c30380b9f4c3d25d1c23d941ff

  • SHA256

    dfebd8c7c69ad9b496a30d30812c3742b72417782d9705bc9d1b236189b4241f

  • SHA512

    8538a53c38c1052055940cf58ff7d5182f56bc51cdd93f840b9eed36fa839cdabbf7884db728ea1c6c02916a772c210baa6d8d7cc175cc23a186ff3db37373d3

  • SSDEEP

    192:u3mbPYCfMcrfOIuZmvKQxtzlSIVX6NO/WzTBejDMN1:tMCfrfQ6tBSIRWzteUN1

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://142.171.27.92:6363/FTjX

Attributes
  • headers User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0)

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
