metasploit | 9db966bf3a884645a56cdb0a004bcd2e5366ba3dae90189f44725753c431dd18 | Triage

Sharing

General

Target

9db966bf3a884645a56cdb0a004bcd2e5366ba3dae90189f44725753c431dd18
Size

10KB
Sample

240923-d914tsvgpd
MD5

5d156f39dc25a47a9a89baf5348cde03
SHA1

16cd13d4233666fd36b82daf2327bd9bb9490a15
SHA256

9db966bf3a884645a56cdb0a004bcd2e5366ba3dae90189f44725753c431dd18
SHA512

08538601306cb76452510152fa209bebe1afd8fc4708a259c034f96f8fc03b3341c010fe76c494e24fa81936b80cecdab8658e9b8d044ab6c0d866375b14716f
SSDEEP

192:ywRj17XuBWRHUjYxWJdzjOQ1eYGIZcu7E5pz6fMTMQ+:HDuBYHL0JdzjPsYGISu7aMp

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://192.168.100.102:82/INSr

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; Touch; MALCJS)

Targets

- Target
  
  9db966bf3a884645a56cdb0a004bcd2e5366ba3dae90189f44725753c431dd18
- Size
  
  10KB
- MD5
  
  5d156f39dc25a47a9a89baf5348cde03
- SHA1
  
  16cd13d4233666fd36b82daf2327bd9bb9490a15
- SHA256
  
  9db966bf3a884645a56cdb0a004bcd2e5366ba3dae90189f44725753c431dd18
- SHA512
  
  08538601306cb76452510152fa209bebe1afd8fc4708a259c034f96f8fc03b3341c010fe76c494e24fa81936b80cecdab8658e9b8d044ab6c0d866375b14716f
- SSDEEP
  
  192:ywRj17XuBWRHUjYxWJdzjOQ1eYGIZcu7E5pz6fMTMQ+:HDuBYHL0JdzjPsYGISu7aMp
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan