metasploit | 8c68b959c5f6e1361040ab68af8a556539ec9d29676c2664726cc6d151975d49 | Triage

Submit
Reports

Overview

overview

Static

static

3

2024-11-03...uk.exe

windows7-x64

2024-11-03...uk.exe

windows10-2004-x64

7

Sharing

Copy URL Twitter E-mail

General

Target

2024-11-03_9671440cec6c56ead52f51445420d371_ryuk
Size

3.9MB
Sample

241103-hvq3jayckm
MD5

9671440cec6c56ead52f51445420d371
SHA1

16cfda02193133e14cc0b3f2e6184d88c1c61652
SHA256

8c68b959c5f6e1361040ab68af8a556539ec9d29676c2664726cc6d151975d49
SHA512

54d58f08ea3ea8f5418ed148a2de80401bbd4f33e74a7a12860d2fb9ce7a7aa1d6f37350ee1cc0aea1e81f318136517580721786ced4a16808c391c1cea3c6f1
SSDEEP

98304:BZIVJ9FevZJq/DxPtyBQPnRNJe1B+XKZbFcsUCcnbHJK:BYnexA75iGRNJpNsmbHk

Score

10^/10

metasploit backdoor pyinstaller trojan

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

2024-11-03_9671440cec6c56ead52f51445420d371_ryuk.exe

Resource

win7-20240903-en

metasploit backdoor trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

2024-11-03_9671440cec6c56ead52f51445420d371_ryuk.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

metasploit

Version

encoder/fnstenv_mov

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.232.72:4444

Targets

- Target
  
  2024-11-03_9671440cec6c56ead52f51445420d371_ryuk
- Size
  
  3.9MB
- MD5
  
  9671440cec6c56ead52f51445420d371
- SHA1
  
  16cfda02193133e14cc0b3f2e6184d88c1c61652
- SHA256
  
  8c68b959c5f6e1361040ab68af8a556539ec9d29676c2664726cc6d151975d49
- SHA512
  
  54d58f08ea3ea8f5418ed148a2de80401bbd4f33e74a7a12860d2fb9ce7a7aa1d6f37350ee1cc0aea1e81f318136517580721786ced4a16808c391c1cea3c6f1
- SSDEEP
  
  98304:BZIVJ9FevZJq/DxPtyBQPnRNJe1B+XKZbFcsUCcnbHJK:BYnexA75iGRNJpNsmbHk
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

© 2018-2025

Terms | Privacy