Overview

overview

10

Static

static

10

3ecb20d0a5...2d.exe

windows7-x64

10

3ecb20d0a5...2d.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3ecb20d0a5be308383928ad5300be667cbf65aa490f33f0dd2f5a1ac71263d2d

  • Size

    72KB

  • Sample

    240505-zrcjeadf91

  • MD5

    1512dcdec3dad46f948d3731185232da

  • SHA1

    3dccc2c3cea1782c843e9a009363598e704e880d

  • SHA256

    3ecb20d0a5be308383928ad5300be667cbf65aa490f33f0dd2f5a1ac71263d2d

  • SHA512

    a2d72fa7b78fe36f0d9210d951f38d685086dc00d1295977f057289ee076c2add8b938415f139f1479221dcf22852b787189992671ed6e121b7d02f62289dd45

  • SSDEEP

    1536:IbufuxZhGs6GBf1Cwb/aZ9mHQvj2jmMb+KR0Nc8QsJq39:rqGd4NCy/aHmMjeme0Nc8QsC9

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

107.175.104.135:35170

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Targets

    • Target

      3ecb20d0a5be308383928ad5300be667cbf65aa490f33f0dd2f5a1ac71263d2d

    • Size

      72KB

    • MD5

      1512dcdec3dad46f948d3731185232da

    • SHA1

      3dccc2c3cea1782c843e9a009363598e704e880d

    • SHA256

      3ecb20d0a5be308383928ad5300be667cbf65aa490f33f0dd2f5a1ac71263d2d

    • SHA512

      a2d72fa7b78fe36f0d9210d951f38d685086dc00d1295977f057289ee076c2add8b938415f139f1479221dcf22852b787189992671ed6e121b7d02f62289dd45

    • SSDEEP

      1536:IbufuxZhGs6GBf1Cwb/aZ9mHQvj2jmMb+KR0Nc8QsJq39:rqGd4NCy/aHmMjeme0Nc8QsC9

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks