metasploit | 29db1d5e270e80c17f86fa3a5c131488fc6c1f9e5242ef4469ffbe1a4f414f65 | Triage

Sharing

General

Target

29db1d5e270e80c17f86fa3a5c131488fc6c1f9e5242ef4469ffbe1a4f414f65
Size

88KB
Sample

240925-ty5wmsycqd
MD5

0eb14ed8e9f5e2a6346c1facab49af72
SHA1

816c031a8314cf57352d87d3a0dd1077dfa161c6
SHA256

29db1d5e270e80c17f86fa3a5c131488fc6c1f9e5242ef4469ffbe1a4f414f65
SHA512

79b2df09711a44b1c72863f037d2901860dd6aed456b395f31c6842a7a1c2e2fa2377bb8600a11a99bdb1540207ffadc7a6d98cdc33ea7631f3e84efdd1f4700
SSDEEP

1536:Hl/V9pTNKuo9pVtUe+JDkcxpjcx+oNbtpUzuA8eV/WQQQtU:HxVzNVQUPJDkcxSx+opKIa/WQQQt

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

172.16.230.204:2422

Targets

- Target
  
  29db1d5e270e80c17f86fa3a5c131488fc6c1f9e5242ef4469ffbe1a4f414f65
- Size
  
  88KB
- MD5
  
  0eb14ed8e9f5e2a6346c1facab49af72
- SHA1
  
  816c031a8314cf57352d87d3a0dd1077dfa161c6
- SHA256
  
  29db1d5e270e80c17f86fa3a5c131488fc6c1f9e5242ef4469ffbe1a4f414f65
- SHA512
  
  79b2df09711a44b1c72863f037d2901860dd6aed456b395f31c6842a7a1c2e2fa2377bb8600a11a99bdb1540207ffadc7a6d98cdc33ea7631f3e84efdd1f4700
- SSDEEP
  
  1536:Hl/V9pTNKuo9pVtUe+JDkcxpjcx+oNbtpUzuA8eV/WQQQtU:HxVzNVQUPJDkcxSx+opKIa/WQQQt
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan