metasploit | 0ea08a314a3a15097a74ecf6cd062d9574f739aa06f1a03ae99a6083e17a99d4 | Triage

Sharing

General

Target

0ea08a314a3a15097a74ecf6cd062d9574f739aa06f1a03ae99a6083e17a99d4.exe
Size

11.9MB
Sample

240518-mycrjafh51
MD5

077658e677f1f0b5c147eee4f900b883
SHA1

4fee05a41da927484bd36290c2019c923d293e0a
SHA256

0ea08a314a3a15097a74ecf6cd062d9574f739aa06f1a03ae99a6083e17a99d4
SHA512

386730c7f0a74f1c73a1959822c5ef6bac07184c308031778383f8215e0b363e473ea5231da1519171c28dcd20638c49e21d0c7419eca9f36b9d21e6597663fe
SSDEEP

196608:uQqEkRQLDPE50mr2puHUHNTYCsXDjDyfzdJolpPgToa10/cOMFOnJF9bEJ7BuCr7:sEkRQXcKmr2pu0tTYCEDMJ83a100OMs4

Score

10^/10

metasploit backdoor pyinstaller trojan

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

106.53.94.240:6000

Targets

- Target
  
  0ea08a314a3a15097a74ecf6cd062d9574f739aa06f1a03ae99a6083e17a99d4.exe
- Size
  
  11.9MB
- MD5
  
  077658e677f1f0b5c147eee4f900b883
- SHA1
  
  4fee05a41da927484bd36290c2019c923d293e0a
- SHA256
  
  0ea08a314a3a15097a74ecf6cd062d9574f739aa06f1a03ae99a6083e17a99d4
- SHA512
  
  386730c7f0a74f1c73a1959822c5ef6bac07184c308031778383f8215e0b363e473ea5231da1519171c28dcd20638c49e21d0c7419eca9f36b9d21e6597663fe
- SSDEEP
  
  196608:uQqEkRQLDPE50mr2puHUHNTYCsXDjDyfzdJolpPgToa10/cOMFOnJF9bEJ7BuCr7:sEkRQXcKmr2pu0tTYCEDMJ83a100OMs4
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan