metasploit | be8c24e7457fd4488a12f450be0da0f6544dddb9a8461afc9ae408114ca9978a | Triage

Sharing

General

Target

be8c24e7457fd4488a12f450be0da0f6544dddb9a8461afc9ae408114ca9978a
Size

85KB
Sample

241113-zq7cdssleq
MD5

30aa320c08fd066f7058dc87215ea9c2
SHA1

f3874a7f6d5115c23143c6ffa09b8d2ddc338ddb
SHA256

be8c24e7457fd4488a12f450be0da0f6544dddb9a8461afc9ae408114ca9978a
SHA512

d29fa70fbd674c8396a9b882b30a58d164e9f917f6baa636b7a99d6621c9eb3507eaf4dda45ad48ff0c9d7eae68ff01667ea377231f564e05dfc3b126bc2096f
SSDEEP

1536:qKO4ncGglKTqtfpGIfX1O9B0gYy+KBumh00zhDl17AsWvDBcdPlaxGvZE/:7nwTvfXzy+KEm3lvPlaxGvZE/

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.8.219:3333

Targets

- Target
  
  be8c24e7457fd4488a12f450be0da0f6544dddb9a8461afc9ae408114ca9978a
- Size
  
  85KB
- MD5
  
  30aa320c08fd066f7058dc87215ea9c2
- SHA1
  
  f3874a7f6d5115c23143c6ffa09b8d2ddc338ddb
- SHA256
  
  be8c24e7457fd4488a12f450be0da0f6544dddb9a8461afc9ae408114ca9978a
- SHA512
  
  d29fa70fbd674c8396a9b882b30a58d164e9f917f6baa636b7a99d6621c9eb3507eaf4dda45ad48ff0c9d7eae68ff01667ea377231f564e05dfc3b126bc2096f
- SSDEEP
  
  1536:qKO4ncGglKTqtfpGIfX1O9B0gYy+KBumh00zhDl17AsWvDBcdPlaxGvZE/:7nwTvfXzy+KEm3lvPlaxGvZE/
Score

10^/10

metasploit backdoor trojan discovery
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoordiscoverytrojan