metasploit | c15bbf951510c8c9df091d1f875d9a41f12472074abed85b980460bdc4cccd8c | Triage

Sharing

General

Target

c15bbf951510c8c9df091d1f875d9a41f12472074abed85b980460bdc4cccd8c
Size

14KB
Sample

240926-fdlelsyaqj
MD5

3011ed30813d250225ffbf47a9478198
SHA1

ee158a9b17a872f2d1ac53249f2aa60e6c388fca
SHA256

c15bbf951510c8c9df091d1f875d9a41f12472074abed85b980460bdc4cccd8c
SHA512

c064e2d06f05f98235834bf678265af752065632eb71dd2e0b65175c91dad61441473d4bfba77ff8bda9098056b32fdd5a11e77a8e9bf241f677e5afe9d22bfb
SSDEEP

192:E3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOwSjzZEwejDMN1:LMCfrfQ6tBSIVzaweUN1

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://192.168.45.131:9999/SIFz

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0; LBBROWSER)

Targets

- Target
  
  c15bbf951510c8c9df091d1f875d9a41f12472074abed85b980460bdc4cccd8c
- Size
  
  14KB
- MD5
  
  3011ed30813d250225ffbf47a9478198
- SHA1
  
  ee158a9b17a872f2d1ac53249f2aa60e6c388fca
- SHA256
  
  c15bbf951510c8c9df091d1f875d9a41f12472074abed85b980460bdc4cccd8c
- SHA512
  
  c064e2d06f05f98235834bf678265af752065632eb71dd2e0b65175c91dad61441473d4bfba77ff8bda9098056b32fdd5a11e77a8e9bf241f677e5afe9d22bfb
- SSDEEP
  
  192:E3mbPYCfMcrfOIuZmvKQxtzlSIVX6NOwSjzZEwejDMN1:LMCfrfQ6tBSIVzaweUN1
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan