metasploit

General

Target

bb2d3acfc631aa1fc7f2ed30131bc692.7z
Size

345KB
Sample

241018-lm7xvssdnp
MD5

bb2d3acfc631aa1fc7f2ed30131bc692
SHA1

1ff772a6d1d2df7378a713c8f5e4c7ffd717f9f9
SHA256

01cf0a47ab01d55fdea021a5119ee23d600ed9a75ca4a820a9529e8aed5956b9
SHA512

ac5464d722a586d143a432c8b8778156e80dd8b97252b90774e9e5f67697cb098e17eefa4455f1c571e2ab71541b8fc987423e0eedb085987080e17b23e2b469
SSDEEP

6144:DzLdXSgGx0ufzSh5ya66cyc/gCYBuRI/uf0JPmVnc+V8TK7dN9hy:DlGx0Y+5yaSr/XCuiNwtl7zy

Score

10^/10

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_http

C2

http://10.30.5.18:443/bF-9vFVEfZj6K_sqnIb4qwyeW3TSVEsP3Rt0oyRFteYLHOCyaf5_iVoLDbKGuupIaFCahtb7rv2X-_iXCWgVioDqrcw_vST0wsWO9IehOfIAcs1pgSzdJS1OEilhzj0vO78Fq5e7iojhnliBsv_krDH2_F8mXDisqKHJDt6Vs3mo8_tUfncBA5gG08Fe-z7NwLVNoL

Targets

- Target
  
  putty.exe
- Size
  
  395KB
- MD5
  
  d71b5ceb7e95998303d0a8543651a4f4
- SHA1
  
  75b8b9dc04fb89b4d2d10550a01c97f0d7c2eccf
- SHA256
  
  faf6a88f7009bcb34f39ca11e7b1968b9666ee10609ad49ba8cf32e36c2ad397
- SHA512
  
  4604df3c9dd737d4164662ad51abba544209b1e1391941effa16c15d51f213ad389c3e1ddd9bd278b996ede8236fae7f3ccc766a03e24487c9384206b168b295
- SSDEEP
  
  6144:kzrx7YDzTKyYWx4mGv0bYzk95tax6cyS/glgBuRI/uU0JPmVn7OCkpkdt4:ydqvKIfGv0Mk5taXd/o6ui2wtJkSH4
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

1

T1614

System Language Discovery

1

T1614.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

Sharing

General

Malware Config

Extracted

Targets

MITRE ATT&CK Enterprise v15

Tasks

static1

behavioral1

behavioral2