metasploit | 0b2fe1adf15c0f7c54f2468b297487c239a56f9e46e9172e7ab9fc8537fea71b | Triage

Sharing

General

Target

0b2fe1adf15c0f7c54f2468b297487c239a56f9e46e9172e7ab9fc8537fea71b.pdf
Size

59KB
Sample

240508-q7m6eaab35
MD5

6d095519c92b6b334a2a6eb13e96eab1
SHA1

96e3174ddd0b5994afda5bf44f5530750081e4b0
SHA256

0b2fe1adf15c0f7c54f2468b297487c239a56f9e46e9172e7ab9fc8537fea71b
SHA512

38844a9f857f0e9f3f5dee840b5330219204c23a5bc604af097024c7eb40f445213ea30bd71ed03fc9caf782b299f9932bd33910d94497aacfc62798c5bfe308
SSDEEP

768:TLcuNY8Dgm59bpUgAD1kANgL7grJYO3dMdUXkZ33c+m+7HIgtiKnAwSfw/pgDUwB:TLcUj5pp01bckJXOdBmkHbhLfwOw

Score

10^/10

metasploit backdoor javascript pdf trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.50.161:6969

Targets

- Target
  
  0b2fe1adf15c0f7c54f2468b297487c239a56f9e46e9172e7ab9fc8537fea71b.pdf
- Size
  
  59KB
- MD5
  
  6d095519c92b6b334a2a6eb13e96eab1
- SHA1
  
  96e3174ddd0b5994afda5bf44f5530750081e4b0
- SHA256
  
  0b2fe1adf15c0f7c54f2468b297487c239a56f9e46e9172e7ab9fc8537fea71b
- SHA512
  
  38844a9f857f0e9f3f5dee840b5330219204c23a5bc604af097024c7eb40f445213ea30bd71ed03fc9caf782b299f9932bd33910d94497aacfc62798c5bfe308
- SSDEEP
  
  768:TLcuNY8Dgm59bpUgAD1kANgL7grJYO3dMdUXkZ33c+m+7HIgtiKnAwSfw/pgDUwB:TLcUj5pp01bckJXOdBmkHbhLfwOw
Score

4^/10
behavioral1
- Target
  
  form.pdf
- Size
  
  72KB
- MD5
  
  ae378032560ed350792cf0d3410b9f7c
- SHA1
  
  d6f9a3bb3fd3450fd48945527ec0ea59aa0dfab0
- SHA256
  
  34cee2612ae5c8cf30363301a90aa2d8de75e3d5d08ae36cf71b8144b225290b
- SHA512
  
  dce6ba7d5c34f96b2e1a0bd5f9ccd8cb6f02ff52399c3200839af4a5e8e8ae02d3805f04fb5849641c26ea877db5d92e5dfd922a0a148022347115e092a2e75e
- SSDEEP
  
  1536:I2UtOlGRryI3/l6WIeuk6tGspVSwIEuSIoSfhRIXPud911nMb+KR0Nc8QsJq39:jUtyI3/l3j96GsnL7uS2h2XPuLe0Nc84
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

pdfjavascriptmetasploit

behavioral1

behavioral2

metasploitbackdoortrojan