General

  • Target

    0b8955ef3024b418f9dd56d05025c530_NEAS

  • Size

    72KB

  • Sample

    240506-yz5z9ahc41

  • MD5

    0b8955ef3024b418f9dd56d05025c530

  • SHA1

    c4c2727981a48e593fbc5b8e9e9c91cf0c055885

  • SHA256

    5b539d662261a2efc7ed35f30ae063a7a788f1dd3fb5ec7661388b7db5dc5f9f

  • SHA512

    a7aa4bd42fad310152d26453e75719a3a1d1c5b50737bd42202893d9744bb37620debc48344d7a5b3259473802a1810e15632bf114684ae0b6b13ab76c204e10

  • SSDEEP

    1536:It26CUgVMQT64rLaedl2x9nazF7BEMb+KR0Nc8QsJq39:c2TMQT64qeqx9naEe0Nc8QsC9

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

154.73.113.211:21741

Targets

    • Target

      0b8955ef3024b418f9dd56d05025c530_NEAS

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
