metasploit | f8a6cd0e823b75e2a78cf192f085a33d3ed00b2e0eb2808eebaddf1c7bb0984e | Triage

Sharing

General

Target

neki.exe
Size

5.5MB
Sample

241104-l8e4zaydjf
MD5

235dfe8638e036d691e6b844c612921e
SHA1

bc14226d20b69065fe036c1742f84804137aa34a
SHA256

f8a6cd0e823b75e2a78cf192f085a33d3ed00b2e0eb2808eebaddf1c7bb0984e
SHA512

c0401cbf88c28e323a2ecf33337d970244d910ee06725e88d64fd78b51e5980296a27d04bc11ec85ddc243c0f4cc352837c79dc9525040f19087be93e380e67d
SSDEEP

49152:PuJtXnyHGUKf8bdu99LYYk8StNVQsPDLYH4TMcBaPBDATvHi8FjpKOPswdcLMR4i:GejtH32YMcaPBZO9YHPhwpBmGdT

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

69.69.69.69:4444

Targets

- Target
  
  neki.exe
- Size
  
  5.5MB
- MD5
  
  235dfe8638e036d691e6b844c612921e
- SHA1
  
  bc14226d20b69065fe036c1742f84804137aa34a
- SHA256
  
  f8a6cd0e823b75e2a78cf192f085a33d3ed00b2e0eb2808eebaddf1c7bb0984e
- SHA512
  
  c0401cbf88c28e323a2ecf33337d970244d910ee06725e88d64fd78b51e5980296a27d04bc11ec85ddc243c0f4cc352837c79dc9525040f19087be93e380e67d
- SSDEEP
  
  49152:PuJtXnyHGUKf8bdu99LYYk8StNVQsPDLYH4TMcBaPBDATvHi8FjpKOPswdcLMR4i:GejtH32YMcaPBZO9YHPhwpBmGdT
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan