metasploit | 8737572b8a207bf51ef2944438e6af49f214a417e224eb68152bd1771896892f | Triage

Sharing

General

Target

cifrado.exe
Size

72KB
Sample

240917-caqndazcrl
MD5

d2cf08b916c3356ada6e8e493225be87
SHA1

b82423722e56610984685a58655db158b3bc07ef
SHA256

8737572b8a207bf51ef2944438e6af49f214a417e224eb68152bd1771896892f
SHA512

66f7bdb1b230b22fe828d1ad8574c45dcccc054aa186caa09a3237420e7b4a440c2a6d28c3b489f31654492aa61b41685a5f12b01dfb8b05ec9b28cb2db89371
SSDEEP

1536:IaWg2aD665vzpEL5505kWy1cMb+KR0Nc8QsJq39:tb665Ef1ce0Nc8QsC9

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.1.13:8080

Targets

- Target
  
  cifrado.exe
- Size
  
  72KB
- MD5
  
  d2cf08b916c3356ada6e8e493225be87
- SHA1
  
  b82423722e56610984685a58655db158b3bc07ef
- SHA256
  
  8737572b8a207bf51ef2944438e6af49f214a417e224eb68152bd1771896892f
- SHA512
  
  66f7bdb1b230b22fe828d1ad8574c45dcccc054aa186caa09a3237420e7b4a440c2a6d28c3b489f31654492aa61b41685a5f12b01dfb8b05ec9b28cb2db89371
- SSDEEP
  
  1536:IaWg2aD665vzpEL5505kWy1cMb+KR0Nc8QsJq39:tb665Ef1ce0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan