metasploit | a5998207540cb63eff9b9f9caa736c5f86aed405940b9b87366f69577499d3c2 | Triage

Sharing

General

Target

dingding.exe
Size

72KB
Sample

240522-ntwvaade3t
MD5

75d75fc725bbf8efad750d531e1fa39c
SHA1

c730f002167f68193e7517edc6716ff9e2d803c3
SHA256

a5998207540cb63eff9b9f9caa736c5f86aed405940b9b87366f69577499d3c2
SHA512

ea2a7ffcf73b7729cddb89815e8a5ea3fbbd9e3ae0cd7e21f92a07ce6ecdf1520d91ea55dde54aa2fc27b8eb9d4e9a5f5c9213673d3a0c8ac4f62e96dc874c0f
SSDEEP

768:IwLUd/KmyM5ZDhVumqBuKak666RB9zSW+pr3k4oPCHSckzCScx4qXfb+KRBaTNcj:I7imyMpkmc6bRn34KMb+KR0Nc8QsJq39

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

110.42.189.52:2769

Targets

- Target
  
  dingding.exe
- Size
  
  72KB
- MD5
  
  75d75fc725bbf8efad750d531e1fa39c
- SHA1
  
  c730f002167f68193e7517edc6716ff9e2d803c3
- SHA256
  
  a5998207540cb63eff9b9f9caa736c5f86aed405940b9b87366f69577499d3c2
- SHA512
  
  ea2a7ffcf73b7729cddb89815e8a5ea3fbbd9e3ae0cd7e21f92a07ce6ecdf1520d91ea55dde54aa2fc27b8eb9d4e9a5f5c9213673d3a0c8ac4f62e96dc874c0f
- SSDEEP
  
  768:IwLUd/KmyM5ZDhVumqBuKak666RB9zSW+pr3k4oPCHSckzCScx4qXfb+KRBaTNcj:I7imyMpkmc6bRn34KMb+KR0Nc8QsJq39
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan