metasploit | 2ba8877ca1e98625dcb4f6f6f99aa2225b0b77a9b3d507edffb39bb5ea75bb77 | Triage

Submit
Reports

Overview

overview

Static

static

2ba8877ca1...77.exe

windows7-x64

2ba8877ca1...77.exe

windows10-2004-x64

Sharing

General

Target

2ba8877ca1e98625dcb4f6f6f99aa2225b0b77a9b3d507edffb39bb5ea75bb77
Size

546KB
Sample

240517-qygx2aag2y
MD5

6909f906af0bcae804363346e964a1d5
SHA1

ddad7cb8bd5b7727884772d53a40dead686b4413
SHA256

2ba8877ca1e98625dcb4f6f6f99aa2225b0b77a9b3d507edffb39bb5ea75bb77
SHA512

59e4e4800e3e738f9edb984ee7c70d7c861aabfb166c68621fca782c1acb665df37283748281f5abebd6bf7c95c3b2b2b454923a7f6a10b1aaf79edd3a7965c4
SSDEEP

3072:HkyR33czQJPY3DgFXAcdOrVICIyL773T0bmIJxmbirBCsrAUd1qZQxS:Hk2czQ5Y3Dqwcd2YIPDIJxU2RPqZH

Score

10^/10

metasploit backdoor trojan upx

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

2ba8877ca1e98625dcb4f6f6f99aa2225b0b77a9b3d507edffb39bb5ea75bb77.exe

Resource

win7-20240221-en

metasploit backdoor trojan upx

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

2ba8877ca1e98625dcb4f6f6f99aa2225b0b77a9b3d507edffb39bb5ea75bb77.exe

Resource

win10v2004-20240226-en

metasploit backdoor trojan upx

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.1.150:8888

Targets

- Target
  
  2ba8877ca1e98625dcb4f6f6f99aa2225b0b77a9b3d507edffb39bb5ea75bb77
- Size
  
  546KB
- MD5
  
  6909f906af0bcae804363346e964a1d5
- SHA1
  
  ddad7cb8bd5b7727884772d53a40dead686b4413
- SHA256
  
  2ba8877ca1e98625dcb4f6f6f99aa2225b0b77a9b3d507edffb39bb5ea75bb77
- SHA512
  
  59e4e4800e3e738f9edb984ee7c70d7c861aabfb166c68621fca782c1acb665df37283748281f5abebd6bf7c95c3b2b2b454923a7f6a10b1aaf79edd3a7965c4
- SSDEEP
  
  3072:HkyR33czQJPY3DgFXAcdOrVICIyL773T0bmIJxmbirBCsrAUd1qZQxS:Hk2czQ5Y3Dqwcd2YIPDIJxU2RPqZH
Score

10^/10

metasploit backdoor trojan upx
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojanupx

behavioral2

metasploitbackdoortrojanupx

© 2018-2024

Terms | Privacy