Overview

overview

10

Static

static

10

text_service.exe

windows7-x64

10

text_service.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    text_service.exe

  • Size

    15KB

  • Sample

    240518-nvzmkahh2x

  • MD5

    7c16703b6a1e8e5d42c0fdd1b492fad9

  • SHA1

    81653db83a3ac3ffe200dccf795a345d03efb8d7

  • SHA256

    9176744401ef6fe256da1b725e92de9e8d9cd3800c54b13d9fb7b610f720b5cb

  • SHA512

    31db805e012ed5582ef3ddf17e725ea43ff42f4dc9639e314aacbdaa944cad2346060436d0e6cf6f53fd1991eb0863d95a4c468891f026452fa5d0924c827093

  • SSDEEP

    96:5N/u6qBDjTfA2BywoAJPQYi3K1DntAfdomPdHWsyz7w7b:W6QDjj1BpbtQYQK5YouI1s7b

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

146.190.15.117:60169

Targets

    • Target

      text_service.exe

    • Size

      15KB

    • MD5

      7c16703b6a1e8e5d42c0fdd1b492fad9

    • SHA1

      81653db83a3ac3ffe200dccf795a345d03efb8d7

    • SHA256

      9176744401ef6fe256da1b725e92de9e8d9cd3800c54b13d9fb7b610f720b5cb

    • SHA512

      31db805e012ed5582ef3ddf17e725ea43ff42f4dc9639e314aacbdaa944cad2346060436d0e6cf6f53fd1991eb0863d95a4c468891f026452fa5d0924c827093

    • SSDEEP

      96:5N/u6qBDjTfA2BywoAJPQYi3K1DntAfdomPdHWsyz7w7b:W6QDjj1BpbtQYQK5YouI1s7b

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks