metasploit | b6c55cb3c8a3b1139fbfbfe31c3b81069930f256668d7c28d2d9612f3389b18e | Triage

Sharing

General

Target

b6c55cb3c8a3b1139fbfbfe31c3b81069930f256668d7c28d2d9612f3389b18e
Size

9KB
Sample

240908-b1p9vsxclm
MD5

c7287df2c866dbca2bcf6dd7df9a4aaa
SHA1

3f9e0ccc00cbc53970ab0d4994b94efb13043bad
SHA256

b6c55cb3c8a3b1139fbfbfe31c3b81069930f256668d7c28d2d9612f3389b18e
SHA512

436a971fee8a0de2f6067dadf0073e7dc008ff217b78fa2fa88717b9d8528be1b9bb1009f5564719e10cc093cf28a5a5efa629a4b2ae0a246530c2476e8d1d0c
SSDEEP

48:q0kV3zU9G4aNVh7XphlhEF57/nGhZoKEvDFbOE:vDIK6or

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.45.193:443

Targets

- Target
  
  b6c55cb3c8a3b1139fbfbfe31c3b81069930f256668d7c28d2d9612f3389b18e
- Size
  
  9KB
- MD5
  
  c7287df2c866dbca2bcf6dd7df9a4aaa
- SHA1
  
  3f9e0ccc00cbc53970ab0d4994b94efb13043bad
- SHA256
  
  b6c55cb3c8a3b1139fbfbfe31c3b81069930f256668d7c28d2d9612f3389b18e
- SHA512
  
  436a971fee8a0de2f6067dadf0073e7dc008ff217b78fa2fa88717b9d8528be1b9bb1009f5564719e10cc093cf28a5a5efa629a4b2ae0a246530c2476e8d1d0c
- SSDEEP
  
  48:q0kV3zU9G4aNVh7XphlhEF57/nGhZoKEvDFbOE:vDIK6or
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan