Overview

overview

10

Static

static

3

tinyxml.dll

windows7-x64

1

tinyxml.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tinyxml.dll

  • Size

    24KB

  • Sample

    240526-pjmpasca4y

  • MD5

    553fd99899eff49eb8cd3415cd8aa4f0

  • SHA1

    3d6a2190be821d2133ef5464af878d5f4d13e408

  • SHA256

    ff931eeeeb4dab0545e6261b06ea3f581793406ce9f865ada181972a7b1e7e1e

  • SHA512

    4ab56ffba9aca3e9ab0fb3c1ce567f860d83b4f055ada4785ad26e53899d5aa9f5688592e25d21ab1d79dc7b45aef9e12ed0aa1086bfb64cb9c23a7840662719

  • SSDEEP

    384:XtOfB+juJ5j7ICYPUcRlSkSib4bv5ONPWswX/X/:9OsKvALX4LswX/X

Score
10/10
metasploitbackdoortrojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://112.74.126.200:443/jquery-3.3.1.slim.min.js

Targets

    • Target

      tinyxml.dll

    • Size

      24KB

    • MD5

      553fd99899eff49eb8cd3415cd8aa4f0

    • SHA1

      3d6a2190be821d2133ef5464af878d5f4d13e408

    • SHA256

      ff931eeeeb4dab0545e6261b06ea3f581793406ce9f865ada181972a7b1e7e1e

    • SHA512

      4ab56ffba9aca3e9ab0fb3c1ce567f860d83b4f055ada4785ad26e53899d5aa9f5688592e25d21ab1d79dc7b45aef9e12ed0aa1086bfb64cb9c23a7840662719

    • SSDEEP

      384:XtOfB+juJ5j7ICYPUcRlSkSib4bv5ONPWswX/X/:9OsKvALX4LswX/X

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks