metasploit | ed2523decac77327dc0ad4631327f65e99b88a467d2ff8961667334c732fa23a | Triage

Sharing

General

Target

ed2523decac77327dc0ad4631327f65e99b88a467d2ff8961667334c732fa23aN.exe
Size

72KB
Sample

240926-mnf17swbnf
MD5

a149e7a383d39c5df2e8b6ddc9d47ac0
SHA1

33d31bba496c9ec86e69bb7a7f18d4e401ebf5e8
SHA256

ed2523decac77327dc0ad4631327f65e99b88a467d2ff8961667334c732fa23a
SHA512

15fa9094d3df2fbe0bc1dac7ef1c519023d5414d2281c9e9714b76464359e14d522f5d14e6a9f9e79f37213ae4a8a80fa88a3472c7670df9703e94d8a970fc46
SSDEEP

1536:IpYbPTmyTrkhqYfrpa/WxROJSLbxrFTLUJ9ux+Mb+KR0Nc8QsJq39:gYPm/hqYfrg/EROcbJim+e0Nc8QsC9

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.226.133:443

Targets

- Target
  
  ed2523decac77327dc0ad4631327f65e99b88a467d2ff8961667334c732fa23aN.exe
- Size
  
  72KB
- MD5
  
  a149e7a383d39c5df2e8b6ddc9d47ac0
- SHA1
  
  33d31bba496c9ec86e69bb7a7f18d4e401ebf5e8
- SHA256
  
  ed2523decac77327dc0ad4631327f65e99b88a467d2ff8961667334c732fa23a
- SHA512
  
  15fa9094d3df2fbe0bc1dac7ef1c519023d5414d2281c9e9714b76464359e14d522f5d14e6a9f9e79f37213ae4a8a80fa88a3472c7670df9703e94d8a970fc46
- SSDEEP
  
  1536:IpYbPTmyTrkhqYfrpa/WxROJSLbxrFTLUJ9ux+Mb+KR0Nc8QsJq39:gYPm/hqYfrg/EROcbJim+e0Nc8QsC9
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan