metasploit | 004606b128065db893f73003ac380211c5df3c2cb2f0d7fe1e7a2b86250fe23d | Triage

Sharing

General

Target

004606b128065db893f73003ac380211c5df3c2cb2f0d7fe1e7a2b86250fe23d
Size

694KB
Sample

240920-w3jv3s1crl
MD5

5481eb5fcbceea65f7af99712c08902b
SHA1

d3bf66c5079dc41de8d892a542f0de961c8e92a0
SHA256

004606b128065db893f73003ac380211c5df3c2cb2f0d7fe1e7a2b86250fe23d
SHA512

6cc747b01eda8bfd216ade247b20b2b349c3f119897687c3487e3eb5d32718a244848c20c5336759ab8479b05593fc78b3b06959c8c1c9b8b4860ad9ad73014a
SSDEEP

12288:v+Wlzv2JiPcjs2ctnjTPY44HapXi/Lsm9/940lTMdrtYEYFp3S:v+C2LjaBoHaEzm0yY

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://ratemitojo.co:8080/Go/pressreleases/TQPCAOEIG

Targets

- Target
  
  004606b128065db893f73003ac380211c5df3c2cb2f0d7fe1e7a2b86250fe23d
- Size
  
  694KB
- MD5
  
  5481eb5fcbceea65f7af99712c08902b
- SHA1
  
  d3bf66c5079dc41de8d892a542f0de961c8e92a0
- SHA256
  
  004606b128065db893f73003ac380211c5df3c2cb2f0d7fe1e7a2b86250fe23d
- SHA512
  
  6cc747b01eda8bfd216ade247b20b2b349c3f119897687c3487e3eb5d32718a244848c20c5336759ab8479b05593fc78b3b06959c8c1c9b8b4860ad9ad73014a
- SSDEEP
  
  12288:v+Wlzv2JiPcjs2ctnjTPY44HapXi/Lsm9/940lTMdrtYEYFp3S:v+C2LjaBoHaEzm0yY
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan