metasploit | 6212fa8e35896123bd25ddfce03ec95ef9a0b55414a75b7f6428bd79aee0ef5f | Triage

Sharing

General

Target

6212fa8e35896123bd25ddfce03ec95ef9a0b55414a75b7f6428bd79aee0ef5f
Size

649KB
Sample

240924-a19g3a1gnr
MD5

72ffe1a2632f80b03daffba9948bfd8d
SHA1

9bbb7cde0abbc398de7d0e4f556818722a8e81e5
SHA256

6212fa8e35896123bd25ddfce03ec95ef9a0b55414a75b7f6428bd79aee0ef5f
SHA512

adff1b26b3f4587d886cc38b8c33880c1ca3fc39f034152e7976d3166caece54da07186e78a7f5fa8f1c73c44001e08e7f1d3ac8d823389e3b22656e8a9c00ed
SSDEEP

12288:VxgOfaljcI1TX+Sb9Ct3X418aYkQi02nWY6OcbdYRls7rCs+vMA:VxnGcI1ySb8t3o1PYo7ntchT/GE

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://fzlin.yalemon.com:443/jquery-3.3.1.slim.min.js

Targets

- Target
  
  6212fa8e35896123bd25ddfce03ec95ef9a0b55414a75b7f6428bd79aee0ef5f
- Size
  
  649KB
- MD5
  
  72ffe1a2632f80b03daffba9948bfd8d
- SHA1
  
  9bbb7cde0abbc398de7d0e4f556818722a8e81e5
- SHA256
  
  6212fa8e35896123bd25ddfce03ec95ef9a0b55414a75b7f6428bd79aee0ef5f
- SHA512
  
  adff1b26b3f4587d886cc38b8c33880c1ca3fc39f034152e7976d3166caece54da07186e78a7f5fa8f1c73c44001e08e7f1d3ac8d823389e3b22656e8a9c00ed
- SSDEEP
  
  12288:VxgOfaljcI1TX+Sb9Ct3X418aYkQi02nWY6OcbdYRls7rCs+vMA:VxnGcI1ySb8t3o1PYo7ntchT/GE
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

metasploitbackdoordiscoverytrojan