metasploit | 309bdccd880165e7f5180eaa1e1f257d4e3cccea162881e03fcaeaf281717720 | Triage

Sharing

General

Target

309bdccd880165e7f5180eaa1e1f257d4e3cccea162881e03fcaeaf281717720
Size

24KB
Sample

240910-n2p2pssglj
MD5

20fc6f54e53fc3ebfeebdd2350dc2ff4
SHA1

226628009c6963670ed2b1477e441f5a9dc75deb
SHA256

309bdccd880165e7f5180eaa1e1f257d4e3cccea162881e03fcaeaf281717720
SHA512

410ee553817a1d561e030bac033df44b7f2502568f3113d56d8e4dccf79feca67d64c055a021b6456d063a063191aef1f533d718e229a6c65214159c951d6c71
SSDEEP

384:9KjAQ7BFalji945PVgTKN7wCSM+1ctrk+1kJaDHxyLECB95:9ABFOOUNgTM+1AkOZDHxyLN

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://119.29.232.58:6666/MwRF

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; Win64; x64; Trident/6.0; ASU2JS)

Targets

- Target
  
  309bdccd880165e7f5180eaa1e1f257d4e3cccea162881e03fcaeaf281717720
- Size
  
  24KB
- MD5
  
  20fc6f54e53fc3ebfeebdd2350dc2ff4
- SHA1
  
  226628009c6963670ed2b1477e441f5a9dc75deb
- SHA256
  
  309bdccd880165e7f5180eaa1e1f257d4e3cccea162881e03fcaeaf281717720
- SHA512
  
  410ee553817a1d561e030bac033df44b7f2502568f3113d56d8e4dccf79feca67d64c055a021b6456d063a063191aef1f533d718e229a6c65214159c951d6c71
- SSDEEP
  
  384:9KjAQ7BFalji945PVgTKN7wCSM+1ctrk+1kJaDHxyLECB95:9ABFOOUNgTM+1AkOZDHxyLN
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2