metasploit | 90c231c3e1a5d1ebd52e91f65689f5ee507774be3010ea4b6cd8f217cdd8c6fc | Triage

Sharing

General

Target

90c231c3e1a5d1ebd52e91f65689f5ee507774be3010ea4b6cd8f217cdd8c6fc
Size

1.2MB
Sample

240921-let12avfkh
MD5

630052662262561cc0edc574c7767425
SHA1

bc5c1bb9a5a22af1be45727b4cb928d686b70963
SHA256

90c231c3e1a5d1ebd52e91f65689f5ee507774be3010ea4b6cd8f217cdd8c6fc
SHA512

622cf0e9ffea7ce1518be921d2f3f5da6d2ede5fe15a864583b87d0caaedd86bdbf0349d3c6a7ff6bb1f7b927014b992ae48ee36abae68f18833b143726240fc
SSDEEP

24576:RperjTDxsQFWCcTJPOsJshCjvc79BZycL36NQwd9Zv+kq1yUGlFbGL:RsYVT4eXve1y1m

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://182.43.182.187:30088/kPh9

Attributes

headers User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1)

Targets

- Target
  
  90c231c3e1a5d1ebd52e91f65689f5ee507774be3010ea4b6cd8f217cdd8c6fc
- Size
  
  1.2MB
- MD5
  
  630052662262561cc0edc574c7767425
- SHA1
  
  bc5c1bb9a5a22af1be45727b4cb928d686b70963
- SHA256
  
  90c231c3e1a5d1ebd52e91f65689f5ee507774be3010ea4b6cd8f217cdd8c6fc
- SHA512
  
  622cf0e9ffea7ce1518be921d2f3f5da6d2ede5fe15a864583b87d0caaedd86bdbf0349d3c6a7ff6bb1f7b927014b992ae48ee36abae68f18833b143726240fc
- SSDEEP
  
  24576:RperjTDxsQFWCcTJPOsJshCjvc79BZycL36NQwd9Zv+kq1yUGlFbGL:RsYVT4eXve1y1m
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan