metasploit | 3af00e97843f7e6779b88ad79a3f638d54b3ad3e86e52c2e04fbb1ebfd946a22 | Triage

Sharing

General

Target

3af00e97843f7e6779b88ad79a3f638d54b3ad3e86e52c2e04fbb1ebfd946a22
Size

1.3MB
Sample

240912-r6yfeszckj
MD5

8fc15f493e46e0a594e1a82ad4e01623
SHA1

e7b31980fbc661d091e2953087df574420d9f542
SHA256

3af00e97843f7e6779b88ad79a3f638d54b3ad3e86e52c2e04fbb1ebfd946a22
SHA512

5aaa2a12e57c7aeaad525353bbdfa62ad193959b8e1aa7b78df9ceb40cb94e79a67050c74285b9449b11e2c28af62632ded0db72fcb7089ca6860b4b84669a2c
SSDEEP

24576:J5lRMo0yiwcNRfdSKG95aqXzK/ekq3inX2ayZ10AeCJTrldOmwuRR7cmxv3nO:JCdSKG/73inMeCj0mXRzv3nO

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://172.20.10.4:4434/jquery-3.3.1.slim.min.js

Targets

- Target
  
  3af00e97843f7e6779b88ad79a3f638d54b3ad3e86e52c2e04fbb1ebfd946a22
- Size
  
  1.3MB
- MD5
  
  8fc15f493e46e0a594e1a82ad4e01623
- SHA1
  
  e7b31980fbc661d091e2953087df574420d9f542
- SHA256
  
  3af00e97843f7e6779b88ad79a3f638d54b3ad3e86e52c2e04fbb1ebfd946a22
- SHA512
  
  5aaa2a12e57c7aeaad525353bbdfa62ad193959b8e1aa7b78df9ceb40cb94e79a67050c74285b9449b11e2c28af62632ded0db72fcb7089ca6860b4b84669a2c
- SSDEEP
  
  24576:J5lRMo0yiwcNRfdSKG95aqXzK/ekq3inX2ayZ10AeCJTrldOmwuRR7cmxv3nO:JCdSKG/73inMeCj0mXRzv3nO
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan