Overview

overview

10

Static

static

3

8fd3076feb...b2.exe

windows7-x64

10

8fd3076feb...b2.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8fd3076feb40910d8ab187bc31b87c1256434514af59b8a4fbdc81daee7d95b2

  • Size

    72KB

  • Sample

    240422-aqs3bsda54

  • MD5

    55ea4bb456e20bd4f59ed634c4700c27

  • SHA1

    775ade042cd1313d76c9ade44ad6a089af19222c

  • SHA256

    8fd3076feb40910d8ab187bc31b87c1256434514af59b8a4fbdc81daee7d95b2

  • SHA512

    4971fcde28d43248d470223cdeb8206d646f8065cf0aa9be753579ad73cc03e9e1d0248d3cbc115af0e0f80568c0407430380d150e044219e62dda258ab1ffa8

  • SSDEEP

    1536:IGAhT+8nEQLovVKMSBngf0EODzPPXKkprwRGPZMb+KR0Nc8QsJq39:Kq8nPEvVKMyn5/nak+Rwe0Nc8QsC9

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

253.147.205.18:31855

Targets

    • Target

      8fd3076feb40910d8ab187bc31b87c1256434514af59b8a4fbdc81daee7d95b2

    • Size

      72KB

    • MD5

      55ea4bb456e20bd4f59ed634c4700c27

    • SHA1

      775ade042cd1313d76c9ade44ad6a089af19222c

    • SHA256

      8fd3076feb40910d8ab187bc31b87c1256434514af59b8a4fbdc81daee7d95b2

    • SHA512

      4971fcde28d43248d470223cdeb8206d646f8065cf0aa9be753579ad73cc03e9e1d0248d3cbc115af0e0f80568c0407430380d150e044219e62dda258ab1ffa8

    • SSDEEP

      1536:IGAhT+8nEQLovVKMSBngf0EODzPPXKkprwRGPZMb+KR0Nc8QsJq39:Kq8nPEvVKMyn5/nak+Rwe0Nc8QsC9

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks