Overview

overview

10

Static

static

3

a33f295649...75.exe

windows7-x64

10

a33f295649...75.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a33f295649eea0542da21ed408566d07f7c3729c058ff07580326d0a9956aa75.exe

  • Size

    2.8MB

  • Sample

    240913-b1yw1axbmq

  • MD5

    cf14880e3a7fba74c80f21685cd15718

  • SHA1

    11239529295f20e5a99a8fd82bf1ffbe492b66b1

  • SHA256

    a33f295649eea0542da21ed408566d07f7c3729c058ff07580326d0a9956aa75

  • SHA512

    ed9d6c6f07a6a6235f36d04f23d360a7762dfca75590c649b740375111e95a3e6eb510c5a26c98762c834cb3938c583bf3545c1939e28ac8efc2ae10b1892ec5

  • SSDEEP

    49152:VstPILbiw+k7U5kl/qLigcrOJEYkB7OJv6073bIVmRTqRLDIPHo:VwgLGwjI5klUigKYkBEvHPIoRQDI

Score
10/10
metasploitbackdoordiscoverypyinstallertrojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://123.60.104.67:32132/EoDd

Attributes
  • headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MATM)

Targets

    • Target

      a33f295649eea0542da21ed408566d07f7c3729c058ff07580326d0a9956aa75.exe

    • Size

      2.8MB

    • MD5

      cf14880e3a7fba74c80f21685cd15718

    • SHA1

      11239529295f20e5a99a8fd82bf1ffbe492b66b1

    • SHA256

      a33f295649eea0542da21ed408566d07f7c3729c058ff07580326d0a9956aa75

    • SHA512

      ed9d6c6f07a6a6235f36d04f23d360a7762dfca75590c649b740375111e95a3e6eb510c5a26c98762c834cb3938c583bf3545c1939e28ac8efc2ae10b1892ec5

    • SSDEEP

      49152:VstPILbiw+k7U5kl/qLigcrOJEYkB7OJv6073bIVmRTqRLDIPHo:VwgLGwjI5klUigKYkBEvHPIoRQDI

    Score
    10/10
    metasploitbackdoordiscoverytrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks