General

  • Target: PQR32F.exe
  • Size: 72KB
  • Sample: 240418-lpfamaaf6y
  • MD5: b49543b20a02ce4c06df91be046a4c6d
  • SHA1: c3493f2fa9766ff0ccaed981abe22c165b5cf91c
  • SHA256: 0665859071d55def00614dd1b31821421c9f0341912e65587516d5f512b7e30c
  • SHA512: 99034ff80573d264ef64d49d6a873d2ea3ef338607c9a9a8faa288de3b002b537924cfa9a81453e5397b4a269146f16afc7d27412a1ca95587e0e719ad29c89f
  • SSDEEP: 768:IznY+YYUTMvPo3pVq+8aa5m3NujJFQz0QPcegV3RPCHSckzCScx4qXfb+KRBaTNg:Ir0oEa5KNuVFQEdvMb+KR0Nc8QsJq39

Malware Config

Extracted

  • Family: metasploit
  • Version: encoder/shikata_ga_nai

Extracted

  • Family: metasploit
  • Version: windows/reverse_tcp
  • C2: 3.86.225.235:444

Targets

    • Target: PQR32F.exe
    • Size: 72KB

    • MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
