metasploit | c1eb927c4b41daeea681c12f0b4d948e1475e9ab70f8385ecd6af759af962bbc | Triage

Sharing

General

Target

c1eb927c4b41daeea681c12f0b4d948e1475e9ab70f8385ecd6af759af962bbc
Size

20KB
Sample

240910-r83g6azhnd
MD5

a8364f2696868ae36fab7af9d0d59812
SHA1

e02451f5ddabb4cf77d65f97b059855ef8eec3e9
SHA256

c1eb927c4b41daeea681c12f0b4d948e1475e9ab70f8385ecd6af759af962bbc
SHA512

ad592c4ce17927b21a2539a1789accf53f9dad62e3af986e83fbbe940f225fb66307d05c35aeff7bbfe65bf59ef47a1647cda4a4b1aaaa7da331ae633de9d69d
SSDEEP

384:3UcXwY3ujDXTmtrM7mpGHUwMIYiBpxUV1VF0hXHMGBk7/UMQ364:3jXwNDn7ZBYi3mV1VaXLkjK

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://192.168.153.135:4455/dkX5

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MASB)

Targets

- Target
  
  c1eb927c4b41daeea681c12f0b4d948e1475e9ab70f8385ecd6af759af962bbc
- Size
  
  20KB
- MD5
  
  a8364f2696868ae36fab7af9d0d59812
- SHA1
  
  e02451f5ddabb4cf77d65f97b059855ef8eec3e9
- SHA256
  
  c1eb927c4b41daeea681c12f0b4d948e1475e9ab70f8385ecd6af759af962bbc
- SHA512
  
  ad592c4ce17927b21a2539a1789accf53f9dad62e3af986e83fbbe940f225fb66307d05c35aeff7bbfe65bf59ef47a1647cda4a4b1aaaa7da331ae633de9d69d
- SSDEEP
  
  384:3UcXwY3ujDXTmtrM7mpGHUwMIYiBpxUV1VF0hXHMGBk7/UMQ364:3jXwNDn7ZBYi3mV1VaXLkjK
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan