metasploit | 802a968749d0cc3eb8181d973418e4ea05bf53265ef21629cd3e679273813d14 | Triage

Sharing

General

Target

802a968749d0cc3eb8181d973418e4ea05bf53265ef21629cd3e679273813d14
Size

14KB
Sample

240508-mfvvdsac63
MD5

64d8a38d1849638eec452070b41feb8d
SHA1

16a4e8d8fedd197ca211133e7f7ee9fdca27124a
SHA256

802a968749d0cc3eb8181d973418e4ea05bf53265ef21629cd3e679273813d14
SHA512

df98c5fef38fbc874e8f8f6e21eb940c2c015701b78c5b1b8494ab493f698aa6640b41e10e17bf35c4379a3e784b77c419e63180913ef7a3034457660ec2ceea
SSDEEP

192:U3mbPYCfMcrfOIuZmvKQxtzlSIVX6NObU/yejDMN1:7MCfrfQ6tBSIveUN1

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://192.168.111.147:89/1Znc

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; MDDCJS)

Targets

- Target
  
  802a968749d0cc3eb8181d973418e4ea05bf53265ef21629cd3e679273813d14
- Size
  
  14KB
- MD5
  
  64d8a38d1849638eec452070b41feb8d
- SHA1
  
  16a4e8d8fedd197ca211133e7f7ee9fdca27124a
- SHA256
  
  802a968749d0cc3eb8181d973418e4ea05bf53265ef21629cd3e679273813d14
- SHA512
  
  df98c5fef38fbc874e8f8f6e21eb940c2c015701b78c5b1b8494ab493f698aa6640b41e10e17bf35c4379a3e784b77c419e63180913ef7a3034457660ec2ceea
- SSDEEP
  
  192:U3mbPYCfMcrfOIuZmvKQxtzlSIVX6NObU/yejDMN1:7MCfrfQ6tBSIveUN1
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan