metasploit | a106695374fb2191e6dc3cd077e309e2763e947e36c57e1aa3436a237027b959 | Triage

Sharing

General

Target

a106695374fb2191e6dc3cd077e309e2763e947e36c57e1aa3436a237027b959
Size

4.2MB
Sample

241105-d589mstdrd
MD5

2096c71f4a5f550139f05e4f14614036
SHA1

d511653fa8e2e5e5c78e090893e08be78f0ff845
SHA256

a106695374fb2191e6dc3cd077e309e2763e947e36c57e1aa3436a237027b959
SHA512

917f1d98ca07206eb95e5617627ccc80576f88a6a646aec5228729583ccb9042eb77d144922bb5489278761b24a781ed4215bd8c25314fd8ede5a4ab1edc3be4
SSDEEP

49152:qYZnas9+/nPN4BQN5TxrNnEc9OyoaZELIXFl+zZkjtEtPMvr6L3k/BUr8HhZc:7Z7KcqxZEcJ5gI3+zBevr6V

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.234.129:3333

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Targets

- Target
  
  a106695374fb2191e6dc3cd077e309e2763e947e36c57e1aa3436a237027b959
- Size
  
  4.2MB
- MD5
  
  2096c71f4a5f550139f05e4f14614036
- SHA1
  
  d511653fa8e2e5e5c78e090893e08be78f0ff845
- SHA256
  
  a106695374fb2191e6dc3cd077e309e2763e947e36c57e1aa3436a237027b959
- SHA512
  
  917f1d98ca07206eb95e5617627ccc80576f88a6a646aec5228729583ccb9042eb77d144922bb5489278761b24a781ed4215bd8c25314fd8ede5a4ab1edc3be4
- SSDEEP
  
  49152:qYZnas9+/nPN4BQN5TxrNnEc9OyoaZELIXFl+zZkjtEtPMvr6L3k/BUr8HhZc:7Z7KcqxZEcJ5gI3+zBevr6V
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan