metasploit | 05b77e0841f8f06d3105df849464a5014f0cb7e22900cf47e76064e08ce03ca8 | Triage

Sharing

General

Target

05b77e0841f8f06d3105df849464a5014f0cb7e22900cf47e76064e08ce03ca8
Size

16KB
Sample

240526-ylmlraag54
MD5

3993784502d8052664c1765a4ac3d11e
SHA1

93107e6315f8224e9421ae2412ea44a609753b56
SHA256

05b77e0841f8f06d3105df849464a5014f0cb7e22900cf47e76064e08ce03ca8
SHA512

da3b0bf7bf63e631e3ce6aa55af55221604490035c91e8fa9f065601c48f6864d3a2c5be1d597d28c98f249a691370a343990b6866c95b2dae39c3b4052448d1
SSDEEP

192:u3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOEvrTejDMN1F+j:tMCfrfQ6tBSISvrTeUN1Fm

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://192.168.227.128:82/VAsR

Attributes

headers User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; QQDownload 733; .NET CLR 2.0.50727)

Targets

- Target
  
  05b77e0841f8f06d3105df849464a5014f0cb7e22900cf47e76064e08ce03ca8
- Size
  
  16KB
- MD5
  
  3993784502d8052664c1765a4ac3d11e
- SHA1
  
  93107e6315f8224e9421ae2412ea44a609753b56
- SHA256
  
  05b77e0841f8f06d3105df849464a5014f0cb7e22900cf47e76064e08ce03ca8
- SHA512
  
  da3b0bf7bf63e631e3ce6aa55af55221604490035c91e8fa9f065601c48f6864d3a2c5be1d597d28c98f249a691370a343990b6866c95b2dae39c3b4052448d1
- SSDEEP
  
  192:u3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOEvrTejDMN1F+j:tMCfrfQ6tBSISvrTeUN1Fm
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan