Overview

overview

10

Static

static

3

MFA_migrat....5.exe

windows7-x64

10

MFA_migrat....5.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f9a4d4e605f23a0eb568eb131f43e9577f0722cf5683955f280e910722f7e185

  • Size

    2.8MB

  • Sample

    241104-nvn6tsymdt

  • MD5

    3acae01483799f67397311f890aa0f32

  • SHA1

    d0053c358f60d348c896ed39d7b78496b1789260

  • SHA256

    f9a4d4e605f23a0eb568eb131f43e9577f0722cf5683955f280e910722f7e185

  • SHA512

    4a701d527f8dd8e062a94ecbc923d23824bde0b0f78b9397c8d8ea536e753650d998d9782f81ded028602a4e6e8d4023e643386f026d10ee658ea72115d3ed4e

  • SSDEEP

    49152:KCC+OAqkLI5MbyRHqm0GPF/JARDEq+z8Td7IqiG7wtcb6m+0jaqV2dVGF5iF3mtr:KxhpqbcKWNJI9+z8OqiZtcb6T0DriYtr

Score
10/10
metasploitbackdoordiscoverytrojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://105.112.107.100:80/TncD

Targets

    • Target

      MFA_migration_patchv3.5.exe

    • Size

      2.9MB

    • MD5

      889b3e191a04ab49d4073595d75f588c

    • SHA1

      69f26dd90da1023d642803840d8c0683ed145721

    • SHA256

      75f8b70d8625cede00db1108c56ebcd577e6fc7b029b9eb2e47ffafefa669f88

    • SHA512

      c4a6d14abe872af5edfc1fb90da6787271ec624d6e1639f6c19c55be7d6d0cb563609abf78288695c4b63368f33cf84344659b4ba1c07d23e01ff0a3560fc6a8

    • SSDEEP

      49152:otg7ETQsdPk46ZJxwe8OGQQzqhwCdxKKTUqZIt7tTt+YsaGGCj/TeDeJQxHEExLS:mtdPRGS5maKZUga7tMFGNDtNEoJM

    Score
    10/10
    metasploitbackdoordiscoverytrojan

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

      trojanbackdoormetasploit

    • Metasploit family

      metasploit

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks