metasploit | 4ed768c6478720f2f50bc783f544bfa89cbb3d2423f2b9b2c712add5790fdd64 | Triage

Sharing

General

Target

4ed768c6478720f2f50bc783f544bfa89cbb3d2423f2b9b2c712add5790fdd64.exe
Size

144KB
Sample

241202-x8t4nsyngw
MD5

576c0a7deb77d3c0eecc5d1bb1dab687
SHA1

f1a1093fb82da78829dd022e18b6c3e5a2c8a297
SHA256

4ed768c6478720f2f50bc783f544bfa89cbb3d2423f2b9b2c712add5790fdd64
SHA512

e270ac94788c84c6e10dc7e9d83530033c5aa41bf512a9301e7c1b38f6d3dd66ddf1ec1689f05b8b16dcb8574c1cf51905734cccb4628612fea6905ed7ed0c20
SSDEEP

3072:IrnoUZLfzB2CMe0Nc8QsCxXff206RiAM65vp0Oi2Me73g:IrnoUl92CX0Nc8Qs4X320F65RH7w

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.8.116:4444

Targets

- Target
  
  4ed768c6478720f2f50bc783f544bfa89cbb3d2423f2b9b2c712add5790fdd64.exe
- Size
  
  144KB
- MD5
  
  576c0a7deb77d3c0eecc5d1bb1dab687
- SHA1
  
  f1a1093fb82da78829dd022e18b6c3e5a2c8a297
- SHA256
  
  4ed768c6478720f2f50bc783f544bfa89cbb3d2423f2b9b2c712add5790fdd64
- SHA512
  
  e270ac94788c84c6e10dc7e9d83530033c5aa41bf512a9301e7c1b38f6d3dd66ddf1ec1689f05b8b16dcb8574c1cf51905734cccb4628612fea6905ed7ed0c20
- SSDEEP
  
  3072:IrnoUZLfzB2CMe0Nc8QsCxXff206RiAM65vp0Oi2Me73g:IrnoUl92CX0Nc8Qs4X320F65RH7w
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan