metasploit | d64ec0daa1364a5b8c079e1937286ee9a6a26912516cb644180da856f95e272a | Triage

Sharing

General

Target

d64ec0daa1364a5b8c079e1937286ee9a6a26912516cb644180da856f95e272a
Size

72KB
Sample

240917-cg84aszdqq
MD5

e34a75ce1f8605cdd3c2c9ab0ba342a2
SHA1

bf3b979aeb33a8e4f05a7cc4cc3fbf4d76cef0aa
SHA256

d64ec0daa1364a5b8c079e1937286ee9a6a26912516cb644180da856f95e272a
SHA512

8fc8f065de93908f5e05df51d17bdba593b48ccf0e3c33604bdb0ca8e2d74f14cfac48e4d2fd9aaafaf5fc125cac6d1479bffa66896c22608dbec29119a56ed4
SSDEEP

1536:I3OkwqwXrCm0MeA5Tdp6gYN/tfyWnW0Mb+KR0Nc8QsJq39:iOVqwbCmLx5b6gYJtfI0e0Nc8QsC9

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

192.168.1.10:21345

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Targets

- Target
  
  d64ec0daa1364a5b8c079e1937286ee9a6a26912516cb644180da856f95e272a
- Size
  
  72KB
- MD5
  
  e34a75ce1f8605cdd3c2c9ab0ba342a2
- SHA1
  
  bf3b979aeb33a8e4f05a7cc4cc3fbf4d76cef0aa
- SHA256
  
  d64ec0daa1364a5b8c079e1937286ee9a6a26912516cb644180da856f95e272a
- SHA512
  
  8fc8f065de93908f5e05df51d17bdba593b48ccf0e3c33604bdb0ca8e2d74f14cfac48e4d2fd9aaafaf5fc125cac6d1479bffa66896c22608dbec29119a56ed4
- SSDEEP
  
  1536:I3OkwqwXrCm0MeA5Tdp6gYN/tfyWnW0Mb+KR0Nc8QsJq39:iOVqwbCmLx5b6gYJtfI0e0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan