metasploit | 827d5356f6808002403f1c8f7ac0bbf49468a23c4c5accc96a51a276b5bc510e | Triage

Sharing

General

Target

827d5356f6808002403f1c8f7ac0bbf49468a23c4c5accc96a51a276b5bc510e.exe
Size

72KB
Sample

241123-nlhyfstpet
MD5

e618064e8faf8fdb27d92392bc2b05e1
SHA1

aaf194b97191938ed055dfd367939c27d66001fb
SHA256

827d5356f6808002403f1c8f7ac0bbf49468a23c4c5accc96a51a276b5bc510e
SHA512

adb4c644c207d935c4a13dc0fc43c4ad4af21e0e2dd5ed367915a8228252133bb56634a8878174a16cee3757761f33c583ae04a904d679bac97f144078c28067
SSDEEP

1536:I5ONZwH4iFYx8jTz0yKEdpCMb+KR0Nc8QsJq3/:gONuH4Cu83wyKE7Ce0Nc8QsC/

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

10.0.2.4:4444

Targets

- Target
  
  827d5356f6808002403f1c8f7ac0bbf49468a23c4c5accc96a51a276b5bc510e.exe
- Size
  
  72KB
- MD5
  
  e618064e8faf8fdb27d92392bc2b05e1
- SHA1
  
  aaf194b97191938ed055dfd367939c27d66001fb
- SHA256
  
  827d5356f6808002403f1c8f7ac0bbf49468a23c4c5accc96a51a276b5bc510e
- SHA512
  
  adb4c644c207d935c4a13dc0fc43c4ad4af21e0e2dd5ed367915a8228252133bb56634a8878174a16cee3757761f33c583ae04a904d679bac97f144078c28067
- SSDEEP
  
  1536:I5ONZwH4iFYx8jTz0yKEdpCMb+KR0Nc8QsJq3/:gONuH4Cu83wyKE7Ce0Nc8QsC/
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan