metasploit | 86c36b2e5c9fad17e284ce964100d93510434f0467cf3991f5fe002cc035413e | Triage

Sharing

General

Target

86c36b2e5c9fad17e284ce964100d93510434f0467cf3991f5fe002cc035413e.zip
Size

52KB
Sample

241107-c86r9aspes
MD5

49b3f593449e4a46ce1ce0b1b1e01cc8
SHA1

992288e6477e9386d064a4ac4f5ed1e4dd8772f8
SHA256

86c36b2e5c9fad17e284ce964100d93510434f0467cf3991f5fe002cc035413e
SHA512

6dfdfd882aed418a96ced360a6726c30e7b778a93e5ca2a46e994b88e72ebe3d8986397f888bce94a83fc4ab4e09a51d7e0fbec01c7e1d054474204ad0d21164
SSDEEP

768:aQj2ze18eD5vRPZeUgczp8YkjXh+EXe8TIeZf2ubPheO0fn0CSy/tVSOGra0:L2w5UcpoXhHeneV2Mo5f0CN0ra0

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/shell_reverse_tcp

C2

127.0.0.1:12346

Targets

- Target
  
  7b021b996b65f29cae4896c11d3a31874e2d5c4ce8a7a212c8bedf7dcae0f8ae.exe
- Size
  
  136KB
- MD5
  
  ab13d611d84b1a1d9ffbd21ac130a858
- SHA1
  
  336a334cd6f1263d3d36985a6a7dd15a4cf64cd9
- SHA256
  
  7b021b996b65f29cae4896c11d3a31874e2d5c4ce8a7a212c8bedf7dcae0f8ae
- SHA512
  
  c608c3cba7fcad11e6e4ae1fc17137b95ee03b7a0513b4d852405d105faf61880da9bf85b3ce7c1c700adedbf5cdccaae01e43a0345c3f1ee01b639960de877f
- SSDEEP
  
  1536:IcfYLvQWF/CdDYn7O/Vn0Q8Mb+KR0Nc8QsECIgM7q39:FQLoW9Cmn7Ot0ne0Nc8QsEpm9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan