metasploit | 282a263a77037f37ffc2e971012d639da55982b834a5f67eef5dcf43ef39cce1 | Triage

Sharing

General

Target

282a263a77037f37ffc2e971012d639da55982b834a5f67eef5dcf43ef39cce1
Size

208KB
Sample

240926-scl1zawenb
MD5

447d100af275c8f36c6b39c510dea850
SHA1

f6edcfedc779ff51376ebb20ab78cf8614bb888d
SHA256

282a263a77037f37ffc2e971012d639da55982b834a5f67eef5dcf43ef39cce1
SHA512

3b2d4f81d6cc17ebc52c2554f5a74e44b94e58ee06e767b18ebbbc1bba87b837f8bba039ae77e818f96180c65582d4778dac8aee49d44cd14c104213f36ab766
SSDEEP

6144:BL69aBPFtG7Of8KPtzeH5tvr1AMc7kAt/:BW8NtaOfVP9gjr1zc7kM

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.204.147:4444

Targets

- Target
  
  backdoor-1.exe
- Size
  
  72KB
- MD5
  
  fb823271953b6ccd19647a62a23ce442
- SHA1
  
  3a4626e20aadd3428849225adc5ed751838164c3
- SHA256
  
  c4f54fba7932f5d576c5d4e7b46cee47f16d5848378a461e49803fbde45c0f0c
- SHA512
  
  3423a44bd4760f2a5c2c791ae6bef763dbdc408f569fb365f6f1d39fafea23296399c8cbf3b474f0da40413d0a0af469d1f6ce79befb7edb450c1d4b5d982019
- SSDEEP
  
  1536:Il5Vu9aauaqnFc/MXq8Mb+KR0Nc8QsJq39:a5XauaqnFc/Mpe0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2
- Target
  
  backdoor-2.exe
- Size
  
  178KB
- MD5
  
  bf462b624cb0c75f30117a5fbf997186
- SHA1
  
  55cb2ba0d034ff5d06e890a0e4ea6763324693b4
- SHA256
  
  d8807d78b8ae0f7c1783db057cb63a60f6ea36fab7a90e7617d2083349f9bc81
- SHA512
  
  a6a7d010b24ba6200dd87fec834b5eea4c7dd0a5d28239fb0670c427ec397470f1d3550f30268fea9c5f03d872bba0070d992a86a333441c40e779cf59619556
- SSDEEP
  
  3072:lzqTC/VXu6wRe0Nc8QsCQG+NilMZXgHjf4+dSSD+qtlWbovFqwaawqSWS1RjbgO4:xqGdXu6wQ0Nc8QsxGNMZwDQoSbqOGFZ2
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral3 behavioral4
- Target
  
  backdoor-3.exe
- Size
  
  179KB
- MD5
  
  d97d05d0ed1f6200fc372ff23e44c5e3
- SHA1
  
  7fd5eae75c5c94ec13dadae6a9e446ebd5c9bda7
- SHA256
  
  ba8e7a54edffc7f490873a0b02e622dae01212c0d3b066f36b427d0a5dfb8023
- SHA512
  
  7e2b21de057ec4800a4209ae0526a92ecb0d1ce2ef2dc2cc64b9a74cb13899f3e122c276aba1e0142bd580679d62ea87025eb652e958bc37ef26b4fb0c4901f4
- SSDEEP
  
  3072:xzqTC/VXu6wXe0Nc8QsC8WsPY6JtujJeY0gmtpq0A0zr05uPT91D561h/AIMT2/O:VqGdXu6wO0Nc8QsPPvjz5prAQ8uPToO4
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral5 behavioral6

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan

behavioral3

metasploitbackdoordiscoverytrojan

behavioral4

metasploitbackdoordiscoverytrojan

behavioral5

metasploitbackdoordiscoverytrojan

behavioral6

metasploitbackdoordiscoverytrojan