metasploit

General

Target

1.jar
Size

48KB
Sample

240522-nxb92sea83
MD5

82592ebfde7fe301ee9a3bd14e79ea71
SHA1

07363274a24c63eb10325989cc377435587e8ed5
SHA256

508d6f893f07538458fdf64e07d02789280217efbf7144ddce62aad2bf90cdc2
SHA512

a399ce77952bb5e4c11c855c820b1803b9ca663c18f3eb5ed5238875fa710db6924e0b734d98d871c27a23a3bfa7d2ce0c6b8e58643ae6225a28998f29fa440a
SSDEEP

1536:YarSmry9uv651pAW91i0Q3B6bpLx74oxv:YarSJ9uvmsW91i0ecbz74Q

Score

10^/10

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_http

C2

http://74.48.220.31:8632/DcTIHAkb/1Q9Al5hrrEDE4cXgoQm6Fg0czya0_1TO2gj2SNkyRMJ-nPV-2Q7lwYfx0yo1Em6ftP82BkL9xndf87LveJ-VVrDZ6OgJgN6b-niS5pLy52oQopR7348MLx5xDu2aNijLl-gsz7J9RcbgJnkc8J_5tuTtHXpWJRhnKwdZw9UP7M-qScr-52RnEiK

Targets

- Target
  
  1.jar
- Size
  
  48KB
- MD5
  
  82592ebfde7fe301ee9a3bd14e79ea71
- SHA1
  
  07363274a24c63eb10325989cc377435587e8ed5
- SHA256
  
  508d6f893f07538458fdf64e07d02789280217efbf7144ddce62aad2bf90cdc2
- SHA512
  
  a399ce77952bb5e4c11c855c820b1803b9ca663c18f3eb5ed5238875fa710db6924e0b734d98d871c27a23a3bfa7d2ce0c6b8e58643ae6225a28998f29fa440a
- SSDEEP
  
  1536:YarSmry9uv651pAW91i0Q3B6bpLx74oxv:YarSJ9uvmsW91i0ecbz74Q
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Executes dropped EXE
- Modifies file permissions
  discovery
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

File and Directory Permissions Modification

1

T1222

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

Sharing

General

Malware Config

Extracted

Targets

Executes dropped EXE

Modifies file permissions

MITRE ATT&CK Matrix ATT&CK v13

Tasks

static1

behavioral1

behavioral2