metasploit | db8ab5216f20f733898ec4f4dd786659c157a8c1af185445d05a89b24b69b6b9 | Triage

Sharing

General

Target

neki.exe
Size

5.6MB
Sample

241115-j12a5a1fjp
MD5

82a815bb45876d790320339bc24baf37
SHA1

47e2ee51c3bef1dec7aa9ffef5febd61d0a8a4e7
SHA256

db8ab5216f20f733898ec4f4dd786659c157a8c1af185445d05a89b24b69b6b9
SHA512

5ba91858049edeb7b42d90a578f2be2aa7955c7f08c0323b4e317b55d1ccb87863de08f9468827ba09d8e2312564d5b4f7a1251a9f2772ff3b7e6015f49d34e7
SSDEEP

49152:7tLB09ObgzLb/8xQjONoO80TSVQav4cdffd4SYHaPBDATfHi8FjpKOPswdcLMR46:ZKqTK+Q/eaPBlO9Y2hwpiHN0I

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.50.79:4444

Targets

- Target
  
  neki.exe
- Size
  
  5.6MB
- MD5
  
  82a815bb45876d790320339bc24baf37
- SHA1
  
  47e2ee51c3bef1dec7aa9ffef5febd61d0a8a4e7
- SHA256
  
  db8ab5216f20f733898ec4f4dd786659c157a8c1af185445d05a89b24b69b6b9
- SHA512
  
  5ba91858049edeb7b42d90a578f2be2aa7955c7f08c0323b4e317b55d1ccb87863de08f9468827ba09d8e2312564d5b4f7a1251a9f2772ff3b7e6015f49d34e7
- SSDEEP
  
  49152:7tLB09ObgzLb/8xQjONoO80TSVQav4cdffd4SYHaPBDATfHi8FjpKOPswdcLMR46:ZKqTK+Q/eaPBlO9Y2hwpiHN0I
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan