metasploit

General

Target

1.dll
Size

9KB
Sample

240522-pmlamsbc51
MD5

1ec16da98fa7190204bdd8c7bebfccdf
SHA1

2e6922fdc24cfab4e249e54412a79417ceff84cb
SHA256

11b68c12632d90ab188f87bcf5dbd8ad054838a25bdd9438fcf88a2e01e5dc33
SHA512

b26bd70d59805ab7d185d7c6a84360954295b1ed1dcf9f19c2c220cbcaced9314def262a3b54e94b1b36b5a3a57a680a57df0f7a2501008639ed0b4a2e1136b9
SSDEEP

48:q0kV3zU9G4aNVh7XphlhEF57/nc6aZrCO1Jzh7xxwvPbOE:vDIKkjBbLxwv

Score

10^/10

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_http

C2

http://74.48.220.31:8632/DcTIHAkb/1Q9Al5hrrEAhwCDBRCiYGggPZcyiBi_xKi-9qEZ3QhAONrkh9Ts8sac7OLknj_rtSpHvewsrpGalKTjp2-2I_5_pbm2tf36g09eRXRhNxWMR0xZ-A1eGng9-AoB9VMAn0rI92zd8GxT6zYg1eBKt24C6mvr3BBuYBRZYgpXmkV7oFxt-d

Targets

- Target
  
  1.dll
- Size
  
  9KB
- MD5
  
  1ec16da98fa7190204bdd8c7bebfccdf
- SHA1
  
  2e6922fdc24cfab4e249e54412a79417ceff84cb
- SHA256
  
  11b68c12632d90ab188f87bcf5dbd8ad054838a25bdd9438fcf88a2e01e5dc33
- SHA512
  
  b26bd70d59805ab7d185d7c6a84360954295b1ed1dcf9f19c2c220cbcaced9314def262a3b54e94b1b36b5a3a57a680a57df0f7a2501008639ed0b4a2e1136b9
- SSDEEP
  
  48:q0kV3zU9G4aNVh7XphlhEF57/nc6aZrCO1Jzh7xxwvPbOE:vDIKkjBbLxwv
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Blocklisted process makes network request
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

Sharing

General

Malware Config

Extracted

Targets

Blocklisted process makes network request

Suspicious use of SetThreadContext

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2