General

  • Target: cf14880e3a7fba74c80f21685cd15718.bin
  • Size: 2.6MB
  • Sample: 240914-bzlv2szeqp
  • MD5: c3d58abbd46e24a71142199a5b8fa8cc
  • SHA1: 739d21e12d8d430f9189fe10924cb5cab769a77a
  • SHA256: a5c448dc0b31c06f6c400d15486030eeb7c2608311b476bdd23008d78679dc6f
  • SHA512: e019b413dd19e97f5180ea22f04661c2a7f233eef7d569666f2cdd754eed838018cf1523c94457bef863ee5964106ca38bd307d756b056cee3c1e960efa33a82
  • SSDEEP: 49152:a4dGs3Ja3b9koZL40LVgGz/3Duci3dpRy5K5YA3++0yKwQu/kyILeJoHzEEl94yB:vAsZa3xbaCgGz/iciNpRwK5q+0yGu/kp

Malware Config

Extracted

  • Family: metasploit
  • Version: windows/download_exec
  • C2: http://123.60.104.67:32132/EoDd
  • Attributes
    • headers: User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; MATM)

Targets

    • Target: a33f295649eea0542da21ed408566d07f7c3729c058ff07580326d0a9956aa75.exe
    • Size: 2.8MB
    • MD5: cf14880e3a7fba74c80f21685cd15718
    • SHA1: 11239529295f20e5a99a8fd82bf1ffbe492b66b1
    • SHA256: a33f295649eea0542da21ed408566d07f7c3729c058ff07580326d0a9956aa75
    • SHA512: ed9d6c6f07a6a6235f36d04f23d360a7762dfca75590c649b740375111e95a3e6eb510c5a26c98762c834cb3938c583bf3545c1939e28ac8efc2ae10b1892ec5
    • SSDEEP: 49152:VstPILbiw+k7U5kl/qLigcrOJEYkB7OJv6073bIVmRTqRLDIPHo:VwgLGwjI5klUigKYkBEvHPIoRQDI
    • MetaSploit: Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
    • Loads dropped DLL
