Overview

overview

10

Static

static

3

119b1c455c...85.exe

windows7-x64

10

119b1c455c...85.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    119b1c455c8e77f49d121009c328c71ad6a9e4a5b09494e79a56d30c90da5085

  • Size

    1.2MB

  • Sample

    240921-mfeheaxcra

  • MD5

    b90a29367986251224d2bd1ddf0615c8

  • SHA1

    a5613a960e3cff6df42ba06aefb9738bc1fecfcf

  • SHA256

    119b1c455c8e77f49d121009c328c71ad6a9e4a5b09494e79a56d30c90da5085

  • SHA512

    83e0daba5efebee85c9be649dd97d8de2e07b1c8217952823f98056692b54a0ebca1bfda0ba298d89a56d22fe2ca475defef9600ca4732a5b6ef109e7c5c9064

  • SSDEEP

    24576:HpebPDnhsQlWCcXxjOgJ8hSbfML9hR25c7b6/Qwd9Z0/JvXq4dPJupMUNrKpGlFq:HsQBLhCQX+Fq1pzm

Score
10/10
metasploitbackdoordiscoverytrojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://182.43.182.187:30088/kPh9

Attributes
  • headers User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; SV1)

Targets

    • Target

      119b1c455c8e77f49d121009c328c71ad6a9e4a5b09494e79a56d30c90da5085

    • Size

      1.2MB

    • MD5

      b90a29367986251224d2bd1ddf0615c8

    • SHA1

      a5613a960e3cff6df42ba06aefb9738bc1fecfcf

    • SHA256

      119b1c455c8e77f49d121009c328c71ad6a9e4a5b09494e79a56d30c90da5085

    • SHA512

      83e0daba5efebee85c9be649dd97d8de2e07b1c8217952823f98056692b54a0ebca1bfda0ba298d89a56d22fe2ca475defef9600ca4732a5b6ef109e7c5c9064

    • SSDEEP

      24576:HpebPDnhsQlWCcXxjOgJ8hSbfML9hR25c7b6/Qwd9Z0/JvXq4dPJupMUNrKpGlFq:HsQBLhCQX+Fq1pzm

    Score
    10/10
    metasploitbackdoordiscoverytrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks