metasploit

General

Target

1bc0e88a9701dc47ad05a80cd3b60d591763c246203b3756b61b4e702de550dd
Size

34KB
Sample

240918-zxln9stdrn
MD5

966e838d8770bb9bd464a73423b374e0
SHA1

2d7e4eb83b391ff20524847b6ce35ee4c32f528f
SHA256

1bc0e88a9701dc47ad05a80cd3b60d591763c246203b3756b61b4e702de550dd
SHA512

abc79bf769012fcf89ab4d5202dfa2cbf5dc0a23fcbf5a4abe0ae72203c1c7c1dcb51a819888443df1d6b0f6bf4e1aece0d01a160fbf20da6aee2475b85e197e
SSDEEP

384:LSiSwvxjk+tzdtCosdUR/egp/SO0CZeKHXyknWzUg0jF6e+8k+R:LVxw+teosdUR/DhZ93yknq5AZ

Score

10^/10

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_http

C2

http://10.0.2.10:443/QCZ9i3I5cAEcjh2PemTorgY4WZ6cGX7vGe4jY-Uqvj9Qk8C6G-1MqrTnFijh292xH44jg6bKV41Dfr5RtGwUJ9eyRhfI8CbD_QX0DvO9yL4OoI1xNpshDqUkY8_yvrN7X6Z4o2X3x05Z9zZDnFP0sRxY9vEd5qM_lys_SNq9qDhpFSKcHdFgfEvuASdc35OQLtNktxmCUhSKJJ1xb8r61tf

Targets

- Target
  
  1bc0e88a9701dc47ad05a80cd3b60d591763c246203b3756b61b4e702de550dd
- Size
  
  34KB
- MD5
  
  966e838d8770bb9bd464a73423b374e0
- SHA1
  
  2d7e4eb83b391ff20524847b6ce35ee4c32f528f
- SHA256
  
  1bc0e88a9701dc47ad05a80cd3b60d591763c246203b3756b61b4e702de550dd
- SHA512
  
  abc79bf769012fcf89ab4d5202dfa2cbf5dc0a23fcbf5a4abe0ae72203c1c7c1dcb51a819888443df1d6b0f6bf4e1aece0d01a160fbf20da6aee2475b85e197e
- SSDEEP
  
  384:LSiSwvxjk+tzdtCosdUR/egp/SO0CZeKHXyknWzUg0jF6e+8k+R:LVxw+teosdUR/DhZ93yknq5AZ
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Process spawned suspicious child process
  This child process is typically not spawned unless (for example) the parent process crashes. This typically indicates the parent process was unsuccessfully compromised.
behavioral1 behavioral2