Overview

overview

10

Static

static

10

CRMx86.exe

windows7-x64

10

CRMx86.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    CRMx86.exe

  • Size

    72KB

  • Sample

    240418-lphezsaf7y

  • MD5

    3b543597347a9ca15737b709bb9802fd

  • SHA1

    ecba0ecc4fcf56c9ec0fdd1f3d42245344b8fe1f

  • SHA256

    b34648e63f1a1c3d8ba9203d736e6ab87463e6d31ca5ac0ffb14b838ea29706e

  • SHA512

    fcd082602cb9f413470c0cb6cb2fa407ae276f06a0aae0fe6f0689967ee9ea4eed6211b7bdfa4007755d91fc766bdcff8d0825bced5c387b04eecbd8f5aa890a

  • SSDEEP

    1536:IcaAFlHfdE9GIkFFikY9lyriMb+KR0Nc8QsJq39:Ha0lHfqZkXikYy2e0Nc8QsC9

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

54.160.6.186:4443

Targets

    • Target

      CRMx86.exe

    • Size

      72KB

    • MD5

      3b543597347a9ca15737b709bb9802fd

    • SHA1

      ecba0ecc4fcf56c9ec0fdd1f3d42245344b8fe1f

    • SHA256

      b34648e63f1a1c3d8ba9203d736e6ab87463e6d31ca5ac0ffb14b838ea29706e

    • SHA512

      fcd082602cb9f413470c0cb6cb2fa407ae276f06a0aae0fe6f0689967ee9ea4eed6211b7bdfa4007755d91fc766bdcff8d0825bced5c387b04eecbd8f5aa890a

    • SSDEEP

      1536:IcaAFlHfdE9GIkFFikY9lyriMb+KR0Nc8QsJq39:Ha0lHfqZkXikYy2e0Nc8QsC9

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks