General

  • Target

    ps1004.ps1

  • Size

    8KB

  • Sample

    241119-nhtwjswcqr

  • MD5

    1195ad87cfc060272b60133c613b928e

  • SHA1

    d6325814107fd10ba6f63a11ecb5b796553b291b

  • SHA256

    405f7c89ba1cfa0a548c40dff89d003a06d6ad6fa8fa50bcd37f83cfc9bfa431

  • SHA512

    f0609f25c9c95cb6ec6419e6c93332731a621243a02416c4f15b0edcbf7ffc12382c08cd5a65a9fc765b62cb2e8967ca7edee027e726b061d139615588489199

  • SSDEEP

    96:zCTRX/T7Dh9pPKZT3Aasj0AwCATxuc23s5GeaWy7V1Xf4ymxtgqkfuaMk09clOm:zaF7Dh/PO3AaI2LxUlC5xtgqkfhMzcOm

Malware Config

Extracted

  • Family

    metasploit

  • Version

    encoder/shikata_ga_nai

Extracted

  • Family

    metasploit

  • Version

    windows/reverse_http

  • C2

    http://192.168.18.129:8080/UY2jjW-iTdaTLZIs9Bq1pQ1u1z9L8

Targets

    • MetaSploit

      Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.

    • Metasploit family
