metasploit | d8285a860f2949e6759c4f04f1d15b48a839b5b16c53e335213d37439725bcbe | Triage

Sharing

General

Target

2024-11-15_116f00dd6d8a2ba094f778958a2b6f50_cobalt-strike_ryuk
Size

1.6MB
Sample

241115-ql8vzsykem
MD5

116f00dd6d8a2ba094f778958a2b6f50
SHA1

807395b58695a4e6f057244863172b3139058660
SHA256

d8285a860f2949e6759c4f04f1d15b48a839b5b16c53e335213d37439725bcbe
SHA512

646ac64e42144fb5ff50ddfade8e4c6b54d257fb8e7fd2cef966d9948942f6117d0e1789ddbe42923f20cb445a47d90ac19b210df6b211a10271bd923d21abf7
SSDEEP

49152:Plp9tHfYoEaTSiz23THT3WSMpDg7/qB0Rj6KIeVSc/zui+:PX/LEQk7/qBk6K2c/ii+

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

metasploit_stager

C2

192.168.6.161:444

Targets

- Target
  
  2024-11-15_116f00dd6d8a2ba094f778958a2b6f50_cobalt-strike_ryuk
- Size
  
  1.6MB
- MD5
  
  116f00dd6d8a2ba094f778958a2b6f50
- SHA1
  
  807395b58695a4e6f057244863172b3139058660
- SHA256
  
  d8285a860f2949e6759c4f04f1d15b48a839b5b16c53e335213d37439725bcbe
- SHA512
  
  646ac64e42144fb5ff50ddfade8e4c6b54d257fb8e7fd2cef966d9948942f6117d0e1789ddbe42923f20cb445a47d90ac19b210df6b211a10271bd923d21abf7
- SSDEEP
  
  49152:Plp9tHfYoEaTSiz23THT3WSMpDg7/qB0Rj6KIeVSc/zui+:PX/LEQk7/qBk6K2c/ii+
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan