metasploit | 717d1bd6c39e77d5df1880a965a559adbb0245e5e6ef114e5996e8569eb641a1 | Triage

Sharing

General

Target

717d1bd6c39e77d5df1880a965a559adbb0245e5e6ef114e5996e8569eb641a1N
Size

58KB
Sample

241109-nbczfssmfv
MD5

467bf335e2fb2df502d459987cb0ac80
SHA1

7f4ab40bef824ef104e37b22e875a82db0913c94
SHA256

717d1bd6c39e77d5df1880a965a559adbb0245e5e6ef114e5996e8569eb641a1
SHA512

f6985da9e003f48abd342b4b943a8b6b3ab56bc91d75f323cfa3df34f365456faa73ef9c072468795f2b2e8a2307ebf7e4199323f2a7d5ec8c417391b55718aa
SSDEEP

1536:TLcUj55OPHjvXoKeScFB0wTZ7/pcZzyDI:TQUF5CDwKeScFBpZaZzyDI

Score

10^/10

metasploit backdoor discovery javascript pdf trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.0.172:4545

Targets

- Target
  
  717d1bd6c39e77d5df1880a965a559adbb0245e5e6ef114e5996e8569eb641a1N
- Size
  
  58KB
- MD5
  
  467bf335e2fb2df502d459987cb0ac80
- SHA1
  
  7f4ab40bef824ef104e37b22e875a82db0913c94
- SHA256
  
  717d1bd6c39e77d5df1880a965a559adbb0245e5e6ef114e5996e8569eb641a1
- SHA512
  
  f6985da9e003f48abd342b4b943a8b6b3ab56bc91d75f323cfa3df34f365456faa73ef9c072468795f2b2e8a2307ebf7e4199323f2a7d5ec8c417391b55718aa
- SSDEEP
  
  1536:TLcUj55OPHjvXoKeScFB0wTZ7/pcZzyDI:TQUF5CDwKeScFBpZaZzyDI
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2
- Target
  
  form.pdf
- Size
  
  72KB
- MD5
  
  681073dbdc490e3abc412b115fb1180a
- SHA1
  
  883222a0ca4ec3878ad79aee8f5ca03da8ad13eb
- SHA256
  
  059b321e972583822e539f4aa4420d86e0ff512d957522807c1b7ed020f43a99
- SHA512
  
  03c609077e4cfa0e56aaafcb0b9c71afe1b18a675098d164f7f23faef58cf860f165ddd778754651b7c5b3a828d4c22c208d23c22e7e63bd9a02c8af91ee9d6c
- SSDEEP
  
  1536:I6863k1CgFOgL8ej6+o6erIWP91+fgbTGbtqJMb+KR0Nc8QsJq39:L863k1wgL8Bx6errP+fgWbIe0Nc8QsC9
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

pdfjavascriptmetasploit

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

behavioral3

metasploitbackdoordiscoverytrojan

behavioral4

metasploitbackdoordiscoverytrojan