metasploit | d76a2824cfcebaef3570f7b550a0db589bf6081791e670f662986b32d503ab67 | Triage

Sharing

General

Target

65c816c53d5eec5a81943dc8f85438e0_NEAS
Size

71KB
Sample

240507-n2jjxsef8v
MD5

65c816c53d5eec5a81943dc8f85438e0
SHA1

04fda9ab373601414cc8fb2e1ab5e3a2e3dbf479
SHA256

d76a2824cfcebaef3570f7b550a0db589bf6081791e670f662986b32d503ab67
SHA512

a9efa1e11deec2d6ebecb874b6f4ae7c371d20b5bea5d45913160163bfdb1fef107f6f6f2c6dcd5d05a955b9c6167b08dd90282b7230ed4f2e5cc3dede1d6eff
SSDEEP

1536:Gu6/DnP63PLsm7CQAoQ3C7Pe7XdEfiHvZZgsWccd7l7F+WI8Y:w/WHuKQ3C7tfivjc7CWI8Y

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://1.117.230.165:5963/Ki6r

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)

Targets

- Target
  
  65c816c53d5eec5a81943dc8f85438e0_NEAS
- Size
  
  71KB
- MD5
  
  65c816c53d5eec5a81943dc8f85438e0
- SHA1
  
  04fda9ab373601414cc8fb2e1ab5e3a2e3dbf479
- SHA256
  
  d76a2824cfcebaef3570f7b550a0db589bf6081791e670f662986b32d503ab67
- SHA512
  
  a9efa1e11deec2d6ebecb874b6f4ae7c371d20b5bea5d45913160163bfdb1fef107f6f6f2c6dcd5d05a955b9c6167b08dd90282b7230ed4f2e5cc3dede1d6eff
- SSDEEP
  
  1536:Gu6/DnP63PLsm7CQAoQ3C7Pe7XdEfiHvZZgsWccd7l7F+WI8Y:w/WHuKQ3C7tfivjc7CWI8Y
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan