metasploit | e6f14159a58d5f479fccfcd91eaad285f93d0f35e872ea4deadf67c4f252df28 | Triage

Sharing

General

Target

e6f14159a58d5f479fccfcd91eaad285f93d0f35e872ea4deadf67c4f252df28
Size

83KB
Sample

240529-d3hc5sgh7t
MD5

62a55031576a80e9eee504512c043634
SHA1

7f55a58324f6da14bfbaf9d07d88587c7146a0c3
SHA256

e6f14159a58d5f479fccfcd91eaad285f93d0f35e872ea4deadf67c4f252df28
SHA512

5fc664ddaacb6dc99d713fe042a0a67a90b7b2e82f1eae7e9c05de8288656bdaba8d067ed9403a935a137b78aa58d9af8995436b04ec83f97810bc3b7651697f
SSDEEP

1536:Ex+WqQuctgd6mVfv/wnmAgDO+KJxAQN+DHC9S3AGcf+UXZb8ayHZOiqOXCla:q+X8YVn/7dKJW2n92A1+WYoLOCE

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.138.217:4444

Targets

- Target
  
  e6f14159a58d5f479fccfcd91eaad285f93d0f35e872ea4deadf67c4f252df28
- Size
  
  83KB
- MD5
  
  62a55031576a80e9eee504512c043634
- SHA1
  
  7f55a58324f6da14bfbaf9d07d88587c7146a0c3
- SHA256
  
  e6f14159a58d5f479fccfcd91eaad285f93d0f35e872ea4deadf67c4f252df28
- SHA512
  
  5fc664ddaacb6dc99d713fe042a0a67a90b7b2e82f1eae7e9c05de8288656bdaba8d067ed9403a935a137b78aa58d9af8995436b04ec83f97810bc3b7651697f
- SSDEEP
  
  1536:Ex+WqQuctgd6mVfv/wnmAgDO+KJxAQN+DHC9S3AGcf+UXZb8ayHZOiqOXCla:q+X8YVn/7dKJW2n92A1+WYoLOCE
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2