General

  • Target

    bbcd452a40751882c23ac62aa322e378f59d6e15a2041400cf5d2e7af2ded1fe

  • Size

    23KB

  • Sample

    240801-1dd1ra1dqf

  • MD5

    5b2b236d6e89deeac430258664d8d695

  • SHA1

    7ba790eeee21a008722982dc1fca01ff3e7e3bb6

  • SHA256

    bbcd452a40751882c23ac62aa322e378f59d6e15a2041400cf5d2e7af2ded1fe

  • SHA512

    659f175c80b454c5606bc469b4f6cfedc01ddb99a1cbddfd6621f0d6660a0d1e1f54e20e765c51e921f1d182bbe7396650c93c38c3b95790021d40a5961111e4

  • SSDEEP

    384:/irhzg9+8J8EchisLu0e0+GW6teSVO/v0uM2iOiWMSXZcu/CEm+3XG9RjrH9NEvq:/bE8nGK0nzWAo0jOi98Ka8jb9NEv/Qh

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

10.10.10.10:433
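
The two "Extracted" blocks above are the sandbox's config parser reading a shikata_ga_nai-encoded windows/reverse_tcp stager and reporting its C2. The added example below, which is not code from the report or from Metasploit, shows how that extraction works on a decoded x86 stager: the stager builds its sockaddr_in with two immediate pushes, `push <ipv4>` followed by `push <AF_INET | port>`, so a byte pattern `68 ?? ?? ?? ?? 68 02 00 ?? ??` yields the host in memory order and the port in network byte order. It also carries a heuristic for the shikata_ga_nai decoder stub based on its `fnstenv [esp-0xc]` GetPC sequence; the rest of that stub is polymorphic, so this is only a hint. The sample bytes are constructed here to carry the values the report shows (10.10.10.10:433) and are not the analysed file's bytes; the stager layout assumed is the 32-bit one, since the x64 stager encodes its sockaddr differently. Note for triage that 10.10.10.10 is an RFC 1918 address, consistent with a lab-generated sample.

```python
"""Extract the C2 host:port from a decoded Metasploit windows/reverse_tcp stager.

Added example, not part of the sandbox report. Assumes the 32-bit stager
layout: `push <ipv4>` (68 xx xx xx xx) followed by `push <AF_INET|port>`
(68 02 00 pp pp, port big-endian), then `mov esi, esp`.
"""
import re
import socket
import struct

# push imm32 (IPv4 in memory order), then push imm32 whose low word is
# AF_INET (0x0002) and whose high word is the port in network byte order.
_REVERSE_TCP_RE = re.compile(rb"\x68(.{4})\x68\x02\x00(.{2})", re.DOTALL)

# fnstenv [esp-0xc]: the GetPC trick at the head of every shikata_ga_nai
# decoder stub. Everything else in the stub is polymorphic, so this is a hint.
_FNSTENV_GETPC = b"\xd9\x74\x24\xf4"


def extract_reverse_tcp(buf: bytes) -> list[tuple[str, int]]:
    """Return every (host, port) pair found in a decoded reverse_tcp stager."""
    hits = []
    for m in _REVERSE_TCP_RE.finditer(buf):
        host = socket.inet_ntoa(m.group(1))
        (port,) = struct.unpack(">H", m.group(2))
        hits.append((host, port))
    return hits


def has_shikata_getpc(buf: bytes) -> bool:
    """Heuristic: fnstenv-based GetPC followed within 32 bytes by an x86
    XOR-with-register opcode (0x31) suggests an x86/shikata_ga_nai decoder.
    An encoded stager hides its config until the stub runs, so a miss from
    extract_reverse_tcp() on such a sample means 'still encoded', not
    'not reverse_tcp'; decode (or dump from memory) first."""
    idx = buf.find(_FNSTENV_GETPC)
    if idx < 0:
        return False
    window = buf[idx + 4: idx + 4 + 32]
    return b"\x31" in window


# Constructed sample (not the analysed file): filler around the sockaddr
# setup of a stager whose C2 is 10.10.10.10:433, the values the report shows.
CONSTRUCTED_STAGER = (
    b"\xfc\xe8\x82\x00\x00\x00"      # cld; call  (typical stager prologue)
    + b"\x00" * 16
    + b"\x68\x0a\x0a\x0a\x0a"         # push 0x0a0a0a0a   (10.10.10.10)
    + b"\x68\x02\x00\x01\xb1"         # push 0xb1010002   (AF_INET, port 433)
    + b"\x89\xe6"                     # mov esi, esp
    + b"\x90" * 8
)

# Constructed fragment shaped like a shikata_ga_nai decoder stub (GetPC + xor loop).
CONSTRUCTED_SGN_STUB = (
    b"\xd9\xee"                 # fldz   (an FPU instruction to seed fnstenv)
    + b"\xd9\x74\x24\xf4"       # fnstenv [esp-0xc]
    + b"\x5b"                   # pop ebx       -> address of the fldz
    + b"\xb8\x11\x22\x33\x44"   # mov eax, key
    + b"\x31\x43\x18"           # xor [ebx+0x18], eax
    + b"\x03\x43\x18"           # add eax, [ebx+0x18]   (key feedback)
    + b"\x83\xeb\xfc"           # sub ebx, -4
    + b"\xe2\xf4"               # loop
)


def report(buf: bytes) -> str:
    """Render findings in the same Family / Version / C2 shape as the sandbox."""
    lines = ["Family   metasploit"]
    c2 = extract_reverse_tcp(buf)
    if c2:
        lines.append("Version  windows/reverse_tcp")
        for host, port in c2:
            lines.append(f"C2       {host}:{port}")
    if has_shikata_getpc(buf):
        lines.append("Encoder  x86/shikata_ga_nai (fnstenv GetPC heuristic)")
    return "\n".join(lines)


if __name__ == "__main__":
    print(report(CONSTRUCTED_STAGER))
    print(report(CONSTRUCTED_SGN_STUB))
```

Run it against a memory dump taken after the decoder stub has executed (or against the output of a decoder) rather than the encoded file on disk; on the file as dropped, only the GetPC heuristic will fire, which is exactly why the sandbox reports two separate "Extracted" entries, one for the encoder and one for the decoded stager.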

Targets

    • Target

      bbcd452a40751882c23ac62aa322e378f59d6e15a2041400cf5d2e7af2ded1fe

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks