metasploit | 409bd8dfcf7fe1db114168ea6f2efe6b41aaea3f7b2c8c0364c05b4177f316c9 | Triage

Sharing

General

Target

409bd8dfcf7fe1db114168ea6f2efe6b41aaea3f7b2c8c0364c05b4177f316c9N
Size

72KB
Sample

240920-jameaavdqa
MD5

d605db8fd4060ec42e56072296d39ff0
SHA1

9b271e25365ade186b5af32ea96bcf0ad49570cd
SHA256

409bd8dfcf7fe1db114168ea6f2efe6b41aaea3f7b2c8c0364c05b4177f316c9
SHA512

05e0069611c6a2f2157a9ff123005241e3c595da7cbd154fe85736b870441d5b0a04005bbdabaa894d5b90e364ef040198de71cb09d8b39cad2859f1627b1970
SSDEEP

1536:IFnSQ/lHLZ3jXXZy5qz6FRMb+KR0Nc8QsJq39:+SQ/xLZTXXZiqWFRe0Nc8QsC9

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

10.90.120.127:4444

Targets

- Target
  
  409bd8dfcf7fe1db114168ea6f2efe6b41aaea3f7b2c8c0364c05b4177f316c9N
- Size
  
  72KB
- MD5
  
  d605db8fd4060ec42e56072296d39ff0
- SHA1
  
  9b271e25365ade186b5af32ea96bcf0ad49570cd
- SHA256
  
  409bd8dfcf7fe1db114168ea6f2efe6b41aaea3f7b2c8c0364c05b4177f316c9
- SHA512
  
  05e0069611c6a2f2157a9ff123005241e3c595da7cbd154fe85736b870441d5b0a04005bbdabaa894d5b90e364ef040198de71cb09d8b39cad2859f1627b1970
- SSDEEP
  
  1536:IFnSQ/lHLZ3jXXZy5qz6FRMb+KR0Nc8QsJq39:+SQ/xLZTXXZiqWFRe0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan