metasploit | cc227eb535e8393e6dd1a8fc57fa248846b734a6f4ffeeb597481c0c88b44a99 | Triage

Sharing

General

Target

cc227eb535e8393e6dd1a8fc57fa248846b734a6f4ffeeb597481c0c88b44a99
Size

4KB
Sample

240913-w3qcvssbqe
MD5

89d65474e7376b3c3f14b7a4bb93aaba
SHA1

3e1a19502e13b2bfd738b235305b42cd773fa22f
SHA256

cc227eb535e8393e6dd1a8fc57fa248846b734a6f4ffeeb597481c0c88b44a99
SHA512

b9a6c4317b665835eec309b5d0122b1a3c8a2a8e761f3091413bc0c44a605f0c928875d3afc5f9b6285a249d3302069594ae46698032e3a2a6a139008e34235d
SSDEEP

96:bByt6YIxXgkzrd4ye6rPk2sfbfxhbNycG4uB+bC7YY:bowXRF4QriLNycSB+b/Y

Score

10^/10

metasploit backdoor execution trojan

Malware Config

Extracted

Family

metasploit

Version

metasploit_stager

C2

192.168.1.128:4444

Targets

- Target
  
  cc227eb535e8393e6dd1a8fc57fa248846b734a6f4ffeeb597481c0c88b44a99
- Size
  
  4KB
- MD5
  
  89d65474e7376b3c3f14b7a4bb93aaba
- SHA1
  
  3e1a19502e13b2bfd738b235305b42cd773fa22f
- SHA256
  
  cc227eb535e8393e6dd1a8fc57fa248846b734a6f4ffeeb597481c0c88b44a99
- SHA512
  
  b9a6c4317b665835eec309b5d0122b1a3c8a2a8e761f3091413bc0c44a605f0c928875d3afc5f9b6285a249d3302069594ae46698032e3a2a6a139008e34235d
- SSDEEP
  
  96:bByt6YIxXgkzrd4ye6rPk2sfbfxhbNycG4uB+bC7YY:bowXRF4QriLNycSB+b/Y
Score

10^/10

metasploit backdoor execution trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Command and Scripting Interpreter: PowerShell
  Using powershell.exe command.
  execution
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

PowerShell

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoorexecutiontrojan

behavioral2

metasploitbackdoorexecutiontrojan