Overview

overview

10

Static

static

8

9de02635d9...5a.doc

windows7-x64

10

9de02635d9...5a.doc

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9de02635d9732b0accc3db5ed014b06bcf72cb0b6ebc673bdc94fac780c7905a

  • Size

    41KB

  • Sample

    240529-cyqy2sfg94

  • MD5

    d3cce1b299b0c83f8524c758da9b832f

  • SHA1

    2867f9e55f3fba08121f3198a93586f4e5f26a32

  • SHA256

    9de02635d9732b0accc3db5ed014b06bcf72cb0b6ebc673bdc94fac780c7905a

  • SHA512

    ae57eb510f0131aa4b149f447c54fbbbed10a77475fe29bc30437fb5324e31a73f69c5057aa0787e3ee55ad530aff671e9f1313b91174f68fbbf89132666d6ce

  • SSDEEP

    384:u9tIiSJPw+QD1+HopYzJqF250j7v1Lli83rCGZPtTFeFaxZP:o+kkINEKvNllvZlFeFaxZP

Score
10/10
metasploitbackdoormacromacro_on_actiontrojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.45.195:80

Targets

    • Target

      9de02635d9732b0accc3db5ed014b06bcf72cb0b6ebc673bdc94fac780c7905a

    • Size

      41KB

    • MD5

      d3cce1b299b0c83f8524c758da9b832f

    • SHA1

      2867f9e55f3fba08121f3198a93586f4e5f26a32

    • SHA256

      9de02635d9732b0accc3db5ed014b06bcf72cb0b6ebc673bdc94fac780c7905a

    • SHA512

      ae57eb510f0131aa4b149f447c54fbbbed10a77475fe29bc30437fb5324e31a73f69c5057aa0787e3ee55ad530aff671e9f1313b91174f68fbbf89132666d6ce

    • SSDEEP

      384:u9tIiSJPw+QD1+HopYzJqF250j7v1Lli83rCGZPtTFeFaxZP:o+kkINEKvNllvZlFeFaxZP

    Score
    10/10
    metasploitbackdoortrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks