metasploit | dd872f15c9e05e24b589b9bcf0a8bcb932788fd44440baba0cdf9ca7f92e3264 | Triage

Sharing

General

Target

dd872f15c9e05e24b589b9bcf0a8bcb932788fd44440baba0cdf9ca7f92e3264.exe
Size

72KB
Sample

241123-eszp4straj
MD5

6c08661e838558cd80e837197e4feb34
SHA1

0c0dc858757f3b18be74228a8bdd5314deab54ec
SHA256

dd872f15c9e05e24b589b9bcf0a8bcb932788fd44440baba0cdf9ca7f92e3264
SHA512

7f3b04a65c4502e3c8b37bae15c5055e5d46ed2d3731d5a83bfc57a9b095cbf25e73b569e9bb4ad1e2b776321498f0429c8e279a3824b5e20101e0e817c813d0
SSDEEP

1536:IooG6mdmp008gImuRPGmjDvDof0YjFz6eMb+KR0Nc8QsJq3l:doGE00+lR+mjbk0YjFDe0Nc8QsCl

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

10.0.2.15:4444

Targets

- Target
  
  dd872f15c9e05e24b589b9bcf0a8bcb932788fd44440baba0cdf9ca7f92e3264.exe
- Size
  
  72KB
- MD5
  
  6c08661e838558cd80e837197e4feb34
- SHA1
  
  0c0dc858757f3b18be74228a8bdd5314deab54ec
- SHA256
  
  dd872f15c9e05e24b589b9bcf0a8bcb932788fd44440baba0cdf9ca7f92e3264
- SHA512
  
  7f3b04a65c4502e3c8b37bae15c5055e5d46ed2d3731d5a83bfc57a9b095cbf25e73b569e9bb4ad1e2b776321498f0429c8e279a3824b5e20101e0e817c813d0
- SSDEEP
  
  1536:IooG6mdmp008gImuRPGmjDvDof0YjFz6eMb+KR0Nc8QsJq3l:doGE00+lR+mjbk0YjFDe0Nc8QsCl
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan