metasploit | 4ee5f936d6499ba45e3a2375cd7cb9cf3c84a7e1a4ad9aef616dd793f95dac8e | Triage

Sharing

General

Target

4ee5f936d6499ba45e3a2375cd7cb9cf3c84a7e1a4ad9aef616dd793f95dac8e
Size

83KB
Sample

240823-l1qwhaxenh
MD5

aac0adcc0a64df64d7baf813c114747f
SHA1

e6ea3a75c5ac7472c22b89ac455499ac91c98ebe
SHA256

4ee5f936d6499ba45e3a2375cd7cb9cf3c84a7e1a4ad9aef616dd793f95dac8e
SHA512

6ab84916abb53254d9adcf8beb6fd0281860076f1febecc17a445303c01dbc4260699de3a2e9cba504f739d6b15a0515e817eb36b052c1dd731cb672107a9d2a
SSDEEP

1536:nq+3TJmMbkHBKpE2eNCMR3zqCPagHBvow:53TJMkpEX3OIBgw

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://10.1.1.50:80/JwSH

Attributes

headers User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; InfoPath.2; InfoPath.3)

Targets

- Target
  
  4ee5f936d6499ba45e3a2375cd7cb9cf3c84a7e1a4ad9aef616dd793f95dac8e
- Size
  
  83KB
- MD5
  
  aac0adcc0a64df64d7baf813c114747f
- SHA1
  
  e6ea3a75c5ac7472c22b89ac455499ac91c98ebe
- SHA256
  
  4ee5f936d6499ba45e3a2375cd7cb9cf3c84a7e1a4ad9aef616dd793f95dac8e
- SHA512
  
  6ab84916abb53254d9adcf8beb6fd0281860076f1febecc17a445303c01dbc4260699de3a2e9cba504f739d6b15a0515e817eb36b052c1dd731cb672107a9d2a
- SSDEEP
  
  1536:nq+3TJmMbkHBKpE2eNCMR3zqCPagHBvow:53TJMkpEX3OIBgw
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan