metasploit | bfb7f49a0db16d77c5725210343f9ff531b5883e9bc9cc0d61c9a87abaa5d69b | Triage

Sharing

General

Target

bfb7f49a0db16d77c5725210343f9ff531b5883e9bc9cc0d61c9a87abaa5d69bN
Size

72KB
Sample

240917-hh44mazble
MD5

0e5920e0aac4920aa06bf380e9dc4490
SHA1

9fe4a29c94ee55bee05a4c1c67c5a7bae7e2440c
SHA256

bfb7f49a0db16d77c5725210343f9ff531b5883e9bc9cc0d61c9a87abaa5d69b
SHA512

569fe84d086758addae536f092979d295653d26246f65ba706764975697b681c60f96dbeabefeba770a08b68f4bef2948e7196df1f41c4f4bb9c7d0533a32683
SSDEEP

1536:IaM5kaI/Ripc1aX+yiAmE5vbqyLsUN2eubRkiAsvF95ZRJ7Mb+KR0Nc8QsJq39:PM5b8ah+AmYBLsU7uQsvF9vRFe0Nc8Qb

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

53.167.187.37:17833

Targets

- Target
  
  bfb7f49a0db16d77c5725210343f9ff531b5883e9bc9cc0d61c9a87abaa5d69bN
- Size
  
  72KB
- MD5
  
  0e5920e0aac4920aa06bf380e9dc4490
- SHA1
  
  9fe4a29c94ee55bee05a4c1c67c5a7bae7e2440c
- SHA256
  
  bfb7f49a0db16d77c5725210343f9ff531b5883e9bc9cc0d61c9a87abaa5d69b
- SHA512
  
  569fe84d086758addae536f092979d295653d26246f65ba706764975697b681c60f96dbeabefeba770a08b68f4bef2948e7196df1f41c4f4bb9c7d0533a32683
- SSDEEP
  
  1536:IaM5kaI/Ripc1aX+yiAmE5vbqyLsUN2eubRkiAsvF95ZRJ7Mb+KR0Nc8QsJq39:PM5b8ah+AmYBLsU7uQsvF9vRFe0Nc8Qb
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2