metasploit | 1c44cca0b9c1eb18241053b945712e472c393238af65eef25c24f601ff8da457 | Triage

Sharing

General

Target

1c44cca0b9c1eb18241053b945712e472c393238af65eef25c24f601ff8da457
Size

72KB
Sample

240917-xsy3pazcqn
MD5

20d9f63951ae051238f0e7efddae49ed
SHA1

d78857a21ed0b563cc52febc9c3c7686a063eea4
SHA256

1c44cca0b9c1eb18241053b945712e472c393238af65eef25c24f601ff8da457
SHA512

001daf7f3200e77f3780543c20a93d82c98b61925f6ff9802bd7c6453c5e8f08e47a2a28212e0a58c678efb965b9fa8182f517ec4068a14bc24ef1c27a1ec56b
SSDEEP

1536:IDX/zeSBzkhqmjlTeU85HOzmMb+KR0Nc8QsJq39:MrBovsHOae0Nc8QsC9

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

121.35.81.87:33627

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Targets

- Target
  
  1c44cca0b9c1eb18241053b945712e472c393238af65eef25c24f601ff8da457
- Size
  
  72KB
- MD5
  
  20d9f63951ae051238f0e7efddae49ed
- SHA1
  
  d78857a21ed0b563cc52febc9c3c7686a063eea4
- SHA256
  
  1c44cca0b9c1eb18241053b945712e472c393238af65eef25c24f601ff8da457
- SHA512
  
  001daf7f3200e77f3780543c20a93d82c98b61925f6ff9802bd7c6453c5e8f08e47a2a28212e0a58c678efb965b9fa8182f517ec4068a14bc24ef1c27a1ec56b
- SSDEEP
  
  1536:IDX/zeSBzkhqmjlTeU85HOzmMb+KR0Nc8QsJq39:MrBovsHOae0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan