metasploit | 5c79e80a68078e7a37d428d057860e9987d2e8a7f18f84888cc40729563a3681 | Triage

Sharing

General

Target

486e40acb2e71100832d5541aac63f40_NeikiAnalytics
Size

72KB
Sample

240514-3zpqgseh7x
MD5

486e40acb2e71100832d5541aac63f40
SHA1

3f7e6647c6fdb271fe3b98d0660604c26b59d865
SHA256

5c79e80a68078e7a37d428d057860e9987d2e8a7f18f84888cc40729563a3681
SHA512

cf6578e73c47a2521b6d3b32d904a992f983c5bccac9f2b7037fec0129d3deabfc82a8af75bce19aeb4f984e2b2551b59ddd0c65b40b7356d57b756f589c39a7
SSDEEP

1536:IZe263ZFIWjhB0iPuMCyhvb0+qMb+KR0Nc8QsJq39:+j6pGOwqu/yhvb0+qe0Nc8QsC9

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

173.113.170.86:7053

Targets

- Target
  
  486e40acb2e71100832d5541aac63f40_NeikiAnalytics
- Size
  
  72KB
- MD5
  
  486e40acb2e71100832d5541aac63f40
- SHA1
  
  3f7e6647c6fdb271fe3b98d0660604c26b59d865
- SHA256
  
  5c79e80a68078e7a37d428d057860e9987d2e8a7f18f84888cc40729563a3681
- SHA512
  
  cf6578e73c47a2521b6d3b32d904a992f983c5bccac9f2b7037fec0129d3deabfc82a8af75bce19aeb4f984e2b2551b59ddd0c65b40b7356d57b756f589c39a7
- SSDEEP
  
  1536:IZe263ZFIWjhB0iPuMCyhvb0+qMb+KR0Nc8QsJq39:+j6pGOwqu/yhvb0+qe0Nc8QsC9
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan