metasploit | 894d86fb6f89f89108966284fca6573e4f83ab81004768bc2fde1a92c65fbc9c | Triage

Sharing

General

Target

894d86fb6f89f89108966284fca6573e4f83ab81004768bc2fde1a92c65fbc9c
Size

14KB
Sample

240926-wbw2bssfqg
MD5

60887a5da3edb20ffc21893510b11735
SHA1

2cf22313d80f5bfa6b79dc881849fb8e5fe31acb
SHA256

894d86fb6f89f89108966284fca6573e4f83ab81004768bc2fde1a92c65fbc9c
SHA512

cdfa333eaed0f9fbde1d2768c0cd24ba4c1f8b7f024fd4dead11bb15cbdecbba2876097661ffc9544dd5fd4f38ba5f22a576017f72ced7cf2cee4119e532090f
SSDEEP

192:53mbPYCfMcrfOIuZmvKQxtzlSIVX6NOlqQ3p6ejDMN1:AMCfrfQ6tBSIGQoeUN1

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://89.197.154.115:7700/LXvB

Attributes

headers User-Agent: Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.2; WOW64; Trident/6.0; Touch; MASPJS)

Targets

- Target
  
  894d86fb6f89f89108966284fca6573e4f83ab81004768bc2fde1a92c65fbc9c
- Size
  
  14KB
- MD5
  
  60887a5da3edb20ffc21893510b11735
- SHA1
  
  2cf22313d80f5bfa6b79dc881849fb8e5fe31acb
- SHA256
  
  894d86fb6f89f89108966284fca6573e4f83ab81004768bc2fde1a92c65fbc9c
- SHA512
  
  cdfa333eaed0f9fbde1d2768c0cd24ba4c1f8b7f024fd4dead11bb15cbdecbba2876097661ffc9544dd5fd4f38ba5f22a576017f72ced7cf2cee4119e532090f
- SSDEEP
  
  192:53mbPYCfMcrfOIuZmvKQxtzlSIVX6NOlqQ3p6ejDMN1:AMCfrfQ6tBSIGQoeUN1
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan