metasploit | 2c1d2f958eeff4975c3ad0c53b28b1f07b6bd475191d41a968e01ef50659b309 | Triage

Sharing

General

Target

2c1d2f958eeff4975c3ad0c53b28b1f07b6bd475191d41a968e01ef50659b309
Size

293KB
Sample

241118-gp86gs1amr
MD5

9de97f9e725e14ee5ffffd66f4f5e42a
SHA1

442b53904571e80b37d110311036ac7f59b16a31
SHA256

2c1d2f958eeff4975c3ad0c53b28b1f07b6bd475191d41a968e01ef50659b309
SHA512

27718ce3360554321fd3185afc7aa94408e714bb79b5aa26c1d015ed1052e431b811e590b7120bd884276b1d531af750999ba39c036ecaca43b55724e3eaa12f
SSDEEP

6144:WkWS459S6Xa1Eqqg36KDe8R+lJOOWjqO/VtfbgkgZ:W+K0ZO1aNi9291/vW

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://120.46.212.33:9999/DuUN

Attributes

headers User-Agent: Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.1.4322)

Targets

- Target
  
  2c1d2f958eeff4975c3ad0c53b28b1f07b6bd475191d41a968e01ef50659b309
- Size
  
  293KB
- MD5
  
  9de97f9e725e14ee5ffffd66f4f5e42a
- SHA1
  
  442b53904571e80b37d110311036ac7f59b16a31
- SHA256
  
  2c1d2f958eeff4975c3ad0c53b28b1f07b6bd475191d41a968e01ef50659b309
- SHA512
  
  27718ce3360554321fd3185afc7aa94408e714bb79b5aa26c1d015ed1052e431b811e590b7120bd884276b1d531af750999ba39c036ecaca43b55724e3eaa12f
- SSDEEP
  
  6144:WkWS459S6Xa1Eqqg36KDe8R+lJOOWjqO/VtfbgkgZ:W+K0ZO1aNi9291/vW
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan