General

  • Target

    232e5b42c83c10d6f9085b451875ef41c18fea15c319305543359eb405b207b9N

  • Size

    204KB

  • Sample

    241107-c552jssngt

  • MD5

    8e14b47e32f236dca99e5bf043743440

  • SHA1

    d9ece7e3ac708590e19a818fc1197431314d8d21

  • SHA256

    232e5b42c83c10d6f9085b451875ef41c18fea15c319305543359eb405b207b9

  • SHA512

    7f631017f2a31506b9dada55ac400bfa78d77e106e63947f61c9bfc6c5da2350a6c1fae3af1db4daa1b2dbc5ae4be5ef1665de4d63ec2b5b61fc13acff8ebfe3

  • SSDEEP

    3072:lVwto96+N9RHodD5z8l6Hc4z8q2fK87DiyDhZ8pFSPMmQ1f3Tv89FRYXfvWtWq3x:lVwtoRfWpUNOpsPM5jqRGetWqAXsPy

Malware Config

  • Extracted

    Family: metasploit
    Version: encoder/shikata_ga_nai

  • Extracted

    Family: metasploit
    Version: windows/reverse_tcp_allports
    C2: 192.168.1.109:1

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Metasploit family

MITRE ATT&CK Enterprise v15

Tasks