General

  • Target

    1412ffb69ff4d48945a75c7e48321e19ec83403659547b4333708f75b56f8e52

  • Size

    648KB

  • Sample

    240925-xh4kes1glk

  • MD5

    54655d848f2d6206cdafe9f127651204

  • SHA1

    26772df530d6022a02ac94502416c25cf3157517

  • SHA256

    1412ffb69ff4d48945a75c7e48321e19ec83403659547b4333708f75b56f8e52

  • SHA512

    30f7a64aebcc602da0457d0d79e124ac0b83147967c66e796c8f9e2fd5af3889a98879f6c5d33cf688aa921b5b7c62411cc6c1079ac1045d46e95cec01aa8ccc

  • SSDEEP

    12288:/ArYXO5pCbveyr5+XFYkT4yEHbds3k/D+gbwxW7oddq7rCs+48g:/ArTWbve0+VYk05hKkqgKW7B/WZ

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://192.168.64.134:80/bfJJ

Attributes

  • headers

    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)

Targets


    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

MITRE ATT&CK Enterprise v15

Tasks