metasploit | 4a0c1f036df7719f32f93aefae3bafe6074b70441e15963fafbbf8ab739be609 | Triage

Sharing

General

Target

7bd23b2bafedcf6e8713e16363f92600_NeikiAnalytics.exe
Size

98KB
Sample

240531-wsy71sha99
MD5

7bd23b2bafedcf6e8713e16363f92600
SHA1

22e039aee11fadb077562c0d8042f262c1524571
SHA256

4a0c1f036df7719f32f93aefae3bafe6074b70441e15963fafbbf8ab739be609
SHA512

43419fa101aa1d5f5c1893e9f5a5be8e0e06c809a2ec50c30663064c34fc070977fd4d90cae5b6263c3fdca337645bea4e3b4f078938d64c6826afaefa198062
SSDEEP

768:DAqvc8Ylh2G7zaaRzlKH6Z6zkEPvyV/UIuOoB7HKKnYH7i3xVYscGqMWBBVWP2m6:t6lhN7bHKafC0ImKxVnqFBmXFUzx

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://45.134.21.8:62/6iXe

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0; BOIE9;ENUSMSCOM)

Targets

- Target
  
  7bd23b2bafedcf6e8713e16363f92600_NeikiAnalytics.exe
- Size
  
  98KB
- MD5
  
  7bd23b2bafedcf6e8713e16363f92600
- SHA1
  
  22e039aee11fadb077562c0d8042f262c1524571
- SHA256
  
  4a0c1f036df7719f32f93aefae3bafe6074b70441e15963fafbbf8ab739be609
- SHA512
  
  43419fa101aa1d5f5c1893e9f5a5be8e0e06c809a2ec50c30663064c34fc070977fd4d90cae5b6263c3fdca337645bea4e3b4f078938d64c6826afaefa198062
- SSDEEP
  
  768:DAqvc8Ylh2G7zaaRzlKH6Z6zkEPvyV/UIuOoB7HKKnYH7i3xVYscGqMWBBVWP2m6:t6lhN7bHKafC0ImKxVnqFBmXFUzx
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan