metasploit | 8f099dacdff6ab084dde814ddad523b3e747781c7062ae0023ebe35d3fbbd94f | Triage

Sharing

General

Target

8f099dacdff6ab084dde814ddad523b3e747781c7062ae0023ebe35d3fbbd94fN
Size

72KB
Sample

240919-3tr9esxhpj
MD5

fc5239da5b097d973b1da4209c7d2760
SHA1

01f0e4587326ee3675b730eb4d8d7ef0e81155d7
SHA256

8f099dacdff6ab084dde814ddad523b3e747781c7062ae0023ebe35d3fbbd94f
SHA512

86b4923dd29be4e00cb98e32fbf93901bc793224db2063c4de3f6f14bbb21e612d3176edfa5e42076892ac642ea758202e8e8d7a4fef8a723dfd26f0ba12c204
SSDEEP

1536:IgIsvi8S1ZtWWzs8pAfDPOXv3FkLWMb+KR0Nc8QsJq39:dIqit1ZtThpADGXvFe0Nc8QsC9

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

113.106.87.145:38621

Targets

- Target
  
  8f099dacdff6ab084dde814ddad523b3e747781c7062ae0023ebe35d3fbbd94fN
- Size
  
  72KB
- MD5
  
  fc5239da5b097d973b1da4209c7d2760
- SHA1
  
  01f0e4587326ee3675b730eb4d8d7ef0e81155d7
- SHA256
  
  8f099dacdff6ab084dde814ddad523b3e747781c7062ae0023ebe35d3fbbd94f
- SHA512
  
  86b4923dd29be4e00cb98e32fbf93901bc793224db2063c4de3f6f14bbb21e612d3176edfa5e42076892ac642ea758202e8e8d7a4fef8a723dfd26f0ba12c204
- SSDEEP
  
  1536:IgIsvi8S1ZtWWzs8pAfDPOXv3FkLWMb+KR0Nc8QsJq39:dIqit1ZtThpADGXvFe0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan