General

  • Target

    afccc65c8eea945df3889573ce48f81125c26f2255febf2f23f0e4b3461ebd04

  • Size

    72KB

  • Sample

    240911-z5e7fstckp

  • MD5

    9a164869b00114eacc59ea03fc5b228b

  • SHA1

    9a0e57adc75669d5799014a2f1c06894d78b0c11

  • SHA256

    afccc65c8eea945df3889573ce48f81125c26f2255febf2f23f0e4b3461ebd04

  • SHA512

    43b60d4048a9b5f47914497437de1f3ff51a2181b99f3c165a45e5401ef98bdac685ea014ceac6b32a1b8928860e024dc60c54406f63b4defc4245cf6001c866

  • SSDEEP

    1536:IWPtHZFB3EmDlWztm3DKBE3ZQURqTYBmjVwqyIKoMb+KR0Nc8QsJq39:DPtnB0mDMg3mcyJ/aqyIKoe0Nc8QsC9

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_http

C2

http://89.197.154.116:7810/7rQMjQ0pW73r6-rqjQpIagkqYuaEID1XoXdzSQsp51dtJPW2NqoLBKwmCamtnn2bCPy-1GO-vIfv7uZ7yOibcCwIslaePVhf6Vz17pzDQJ4n9cbPdG1RHgd0ZPcMj8FuOQmxZIyAZ7fElG72tvkNVZI9bWPOIwcjWo2dBDAqCZLvbDuGq6gQ-mF183p_2D146fkBKIQ2Sk00_1wI-RBbALluJFdCcDfZ1Nc-kFl6uKxEsa7KzQ1Yw

Targets

    • Target

      afccc65c8eea945df3889573ce48f81125c26f2255febf2f23f0e4b3461ebd04

    • Size

      72KB

    • MD5

      9a164869b00114eacc59ea03fc5b228b

    • SHA1

      9a0e57adc75669d5799014a2f1c06894d78b0c11

    • SHA256

      afccc65c8eea945df3889573ce48f81125c26f2255febf2f23f0e4b3461ebd04

    • SHA512

      43b60d4048a9b5f47914497437de1f3ff51a2181b99f3c165a45e5401ef98bdac685ea014ceac6b32a1b8928860e024dc60c54406f63b4defc4245cf6001c866

    • SSDEEP

      1536:IWPtHZFB3EmDlWztm3DKBE3ZQURqTYBmjVwqyIKoMb+KR0Nc8QsJq39:DPtnB0mDMg3mcyJ/aqyIKoe0Nc8QsC9

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
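The extracted C2 above is the check-in URL of the windows/reverse_http stager, and its path is not random filler: Metasploit's HTTP handler recognises a stager request by the 8-bit byte sum of the path (checksum8 == 92 for a Windows/native first contact), and the first 22 base64url characters carry a 16-byte payload UUID (8-byte puid, two XOR bytes, XORed platform id, XORed arch id, XORed generation timestamp). The following is an added example written for this page, not code from the sandbox report or from the Metasploit project; it decodes that URI to confirm the msfvenom origin noted in the detection and applies the same two checks to constructed proxy log lines. The checksum mode values, the UUID layout and the platform/arch id tables are reproduced from memory of Rex::Payloads::Meterpreter::UriChecksum and Msf::Payload::UUID and should be verified against the framework source; the log lines, and every function name here, are the editor's own.

```python
import base64
import re
from datetime import datetime, timezone
from urllib.parse import urlsplit

# C2 URL as extracted in this report.
C2_URL = (
    "http://89.197.154.116:7810/"
    "7rQMjQ0pW73r6-rqjQpIagkqYuaEID1XoXdzSQsp51dtJPW2NqoLBKwmCamtnn2bCPy-1GO-vIfv7uZ7"
    "yOibcCwIslaePVhf6Vz17pzDQJ4n9cbPdG1RHgd0ZPcMj8FuOQmxZIyAZ7fElG72tvkNVZI9bWPOIwcj"
    "Wo2dBDAqCZLvbDuGq6gQ-mF183p_2D146fkBKIQ2Sk00_1wI-RBbALluJFdCcDfZ1Nc-kFl6uKxEsa7KzQ1Yw"
)

# Assumption: checksum8 values the Metasploit handler uses to recognise stager request
# types (Rex::Payloads::Meterpreter::UriChecksum, from memory; verify against the source).
URI_CHECKSUM_MODES = {
    92: "INITW/INITN",  # first request of a Windows / native stager
    80: "INITP",        # Python stager
    88: "INITJ",        # Java stager
    95: "INIT_CONN",    # stageless session
    98: "CONN",         # existing session reconnecting
}
UUID_MIN_LEN = 22  # assumption: URI_CHECKSUM_UUID_MIN_LEN, 16 raw bytes as base64url

# Assumption: subset of the Msf::Payload::UUID id tables (from memory; extend from source).
PLATFORMS = {1: "windows", 3: "android", 4: "java", 6: "linux", 9: "osx", 21: "python"}
ARCHES = {1: "x86", 2: "x64", 3: "x64", 12: "armle", 24: "aarch64"}


def uri_resource(url):
    """Path without the leading slash and with non-base64url characters dropped,
    the normalisation the handler applies before checksumming."""
    return re.sub(r"[^A-Za-z0-9_-]", "", urlsplit(url).path.lstrip("/"))


def checksum8(resource):
    """Rex::Text.checksum8: byte sum of the resource modulo 256."""
    return sum(resource.encode("ascii")) & 0xFF


def decode_uuid(resource):
    """Unpack the payload UUID carried in the first 22 characters: 8-byte puid,
    plat_xor, arch_xor, plat_id ^ plat_xor, arch_id ^ arch_xor, timestamp ^ time_xor."""
    raw = base64.urlsafe_b64decode(resource[:UUID_MIN_LEN] + "==")
    plat_xor, arch_xor = raw[8], raw[9]
    time_xor = int.from_bytes(bytes([plat_xor, arch_xor, plat_xor, arch_xor]), "big")
    tstamp = int.from_bytes(raw[12:16], "big") ^ time_xor
    plat_id, arch_id = raw[10] ^ plat_xor, raw[11] ^ arch_xor
    try:  # a spurious decode can yield a timestamp outside the datetime range
        generated = datetime.fromtimestamp(tstamp, tz=timezone.utc).isoformat()
    except (OverflowError, OSError, ValueError):
        generated = None
    return {
        "puid": raw[:8].hex(),
        "platform": PLATFORMS.get(plat_id),
        "arch": ARCHES.get(arch_id),
        "timestamp": tstamp,
        "generated_utc": generated,
    }


def triage_url(url):
    """Classify one URL: checksum mode plus, when long enough, the decoded UUID."""
    res = uri_resource(url)
    info = {"resource_len": len(res), "checksum8": checksum8(res),
            "mode": URI_CHECKSUM_MODES.get(checksum8(res))}
    if len(res) >= UUID_MIN_LEN:
        info.update(decode_uuid(res))
    return info


def is_credible_stager_uri(info):
    """The checksum alone matches about 5 in 256 random paths, so also require a
    decodable UUID whose platform and arch ids are known."""
    return bool(info["mode"]) and bool(info.get("platform")) and bool(info.get("arch"))


# Constructed proxy log lines (not from the sandbox run) to exercise the check.
SAMPLE_PROXY_LOG = [
    "2024-09-11T14:06:02Z 10.0.0.23 GET " + C2_URL + " 200",
    "2024-09-11T14:06:05Z 10.0.0.23 GET http://example.com/index.html 200",
    "2024-09-11T14:06:07Z 10.0.0.42 GET http://example.com/static/app.js 304",
]


def scan_log(lines):
    """Return (line, triage info) for every URL that looks like a stager check-in."""
    hits = []
    for line in lines:
        for url in re.findall(r"https?://\S+", line):
            info = triage_url(url)
            if is_credible_stager_uri(info):
                hits.append((line, info))
    return hits


if __name__ == "__main__":
    print(triage_url(C2_URL))
    for line, info in scan_log(SAMPLE_PROXY_LOG):
        print("stager check-in:", line.split()[1], info["mode"], info["platform"], info["arch"])
```

Run against the report's C2, the path sums to 92 (a Windows first-contact request) and the embedded UUID decodes to platform windows, arch x86, generated 2024-09-11 14:04:49 UTC, which lines up with the sample id 240911-z5e7fstckp and with the "generated with msfvenom" verdict. The puid is the value to pivot on: every stager built from the same msfvenom invocation, and every session it opens, carries the same eight bytes, so it ties otherwise different URLs and hosts to one operator build.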

MITRE ATT&CK Enterprise v15

Tasks