metasploit | 81b1646e57aac1d3a7b2a7c76ae12526116e67f3fcddde267fd6217e67945191 | Triage

Sharing

General

Target

2024-11-23_47093288b83a357e3402d168805e5376_cobalt-strike_ryuk
Size

1.6MB
Sample

241123-bq8nfszpej
MD5

47093288b83a357e3402d168805e5376
SHA1

29a753ef0120bb72f3f781bc5246a64f31242bdf
SHA256

81b1646e57aac1d3a7b2a7c76ae12526116e67f3fcddde267fd6217e67945191
SHA512

f2261cc3b934086fa09db43fb33237b72cb92276648f2ccec0804038bb54de42c6b310ee64cff767824efbef483291249773cc5ebb517fcce67606db9ae10864
SSDEEP

49152:Plp9tHfYoEaTSiz23THT3WSMpDgq/qB0Rj6KIeVSc/zui+:PX/LEQkq/qBk6K2c/ii+

Score

10^/10

metasploit backdoor trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

metasploit_stager

C2

192.168.6.161:444

Targets

- Target
  
  2024-11-23_47093288b83a357e3402d168805e5376_cobalt-strike_ryuk
- Size
  
  1.6MB
- MD5
  
  47093288b83a357e3402d168805e5376
- SHA1
  
  29a753ef0120bb72f3f781bc5246a64f31242bdf
- SHA256
  
  81b1646e57aac1d3a7b2a7c76ae12526116e67f3fcddde267fd6217e67945191
- SHA512
  
  f2261cc3b934086fa09db43fb33237b72cb92276648f2ccec0804038bb54de42c6b310ee64cff767824efbef483291249773cc5ebb517fcce67606db9ae10864
- SSDEEP
  
  49152:Plp9tHfYoEaTSiz23THT3WSMpDgq/qB0Rj6KIeVSc/zui+:PX/LEQkq/qBk6K2c/ii+
Score

10^/10

metasploit backdoor trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

metasploitbackdoortrojan

behavioral2

metasploitbackdoortrojan