metasploit | 585ac1b647fccc7d813be126371457e7826085b96fa8f6f46a30a68f43e49209 | Triage

Sharing

General

Target

win2.exe
Size

14KB
Sample

240916-y8ybrsyalj
MD5

0397e3b0fe0fd048b752cbe847d732ff
SHA1

81bff4802cffb9bf2090124a2b1c3ab476d19491
SHA256

585ac1b647fccc7d813be126371457e7826085b96fa8f6f46a30a68f43e49209
SHA512

11f2bf8490f0f33881061aee5a15a28dd6584ea870bc6dd6a593c7660d46c5a133eae4a42fdc0ac400059300dd78007a30d7328b4ffc22cfa39d4342c48e6ab3
SSDEEP

192:AaH+DgGK83SxHn2OQ/dmBI4KBfTgir+xzWWKlX7bqUqV/Qjo7AGa:A2+kGKqbOCdWIVBff+xzMvfCXAn

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://107.172.29.162:9988/tXHH

Attributes

headers User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; rv:11.0) like Gecko

Targets

- Target
  
  win2.exe
- Size
  
  14KB
- MD5
  
  0397e3b0fe0fd048b752cbe847d732ff
- SHA1
  
  81bff4802cffb9bf2090124a2b1c3ab476d19491
- SHA256
  
  585ac1b647fccc7d813be126371457e7826085b96fa8f6f46a30a68f43e49209
- SHA512
  
  11f2bf8490f0f33881061aee5a15a28dd6584ea870bc6dd6a593c7660d46c5a133eae4a42fdc0ac400059300dd78007a30d7328b4ffc22cfa39d4342c48e6ab3
- SSDEEP
  
  192:AaH+DgGK83SxHn2OQ/dmBI4KBfTgir+xzWWKlX7bqUqV/Qjo7AGa:A2+kGKqbOCdWIVBff+xzMvfCXAn
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan