metasploit | 2a815990a4bcd2644c9a7d85989e9b2c4d1664121164950c3a6eba12327fc6ed | Triage

Sharing

General

Target

2a815990a4bcd2644c9a7d85989e9b2c4d1664121164950c3a6eba12327fc6ed
Size

33KB
Sample

241104-rzg5vstpel
MD5

d88adc6703e4ae2c6860d94baa200fef
SHA1

ca0de2f10c1a5f8c7def84f84886192cd8071f8c
SHA256

2a815990a4bcd2644c9a7d85989e9b2c4d1664121164950c3a6eba12327fc6ed
SHA512

5020bd336b99238e8332be5b9648424ba52e05c33675fa4359bb701ba2faf4ca74ff88fac929da6124c276ecf5040a94fcad5373aea159888f5629deee9f08ea
SSDEEP

768:vKNflUtOro5a+1a0Hv1T8A8TPl0NYotL:v0iOs3bISNYot

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

52.187.78.9:443

Targets

- Target
  
  2a815990a4bcd2644c9a7d85989e9b2c4d1664121164950c3a6eba12327fc6ed
- Size
  
  33KB
- MD5
  
  d88adc6703e4ae2c6860d94baa200fef
- SHA1
  
  ca0de2f10c1a5f8c7def84f84886192cd8071f8c
- SHA256
  
  2a815990a4bcd2644c9a7d85989e9b2c4d1664121164950c3a6eba12327fc6ed
- SHA512
  
  5020bd336b99238e8332be5b9648424ba52e05c33675fa4359bb701ba2faf4ca74ff88fac929da6124c276ecf5040a94fcad5373aea159888f5629deee9f08ea
- SSDEEP
  
  768:vKNflUtOro5a+1a0Hv1T8A8TPl0NYotL:v0iOs3bISNYot
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan