metasploit | b710414e700bea5fc333e4e7c829f6187c9da871e0849e00dbf02524fae14b77 | Triage

Sharing

General

Target

b710414e700bea5fc333e4e7c829f6187c9da871e0849e00dbf02524fae14b77N.exe
Size

3.4MB
Sample

241203-sy3kvawqfq
MD5

c4866c38facc867a94cd45f263f95370
SHA1

a0ca19a9f20662592e4b2c89423d4b366d32f3dd
SHA256

b710414e700bea5fc333e4e7c829f6187c9da871e0849e00dbf02524fae14b77
SHA512

cc3938f5de34f274ed0c0b213de440af46284a39558f6a31f8e3aff412b34dc1a68f906ba5a3061bd1ef6d8a5a8cfbef020a7574fd8ec6730667350e232754cc
SSDEEP

98304:vP3lt6Nd8UvM1UZqTxQe2BasUCcnbHJK:n/6Q+M10qlt2ksmbHk

Score

10^/10

metasploit backdoor discovery pyinstaller trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

147.185.221.24:7313

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Targets

- Target
  
  b710414e700bea5fc333e4e7c829f6187c9da871e0849e00dbf02524fae14b77N.exe
- Size
  
  3.4MB
- MD5
  
  c4866c38facc867a94cd45f263f95370
- SHA1
  
  a0ca19a9f20662592e4b2c89423d4b366d32f3dd
- SHA256
  
  b710414e700bea5fc333e4e7c829f6187c9da871e0849e00dbf02524fae14b77
- SHA512
  
  cc3938f5de34f274ed0c0b213de440af46284a39558f6a31f8e3aff412b34dc1a68f906ba5a3061bd1ef6d8a5a8cfbef020a7574fd8ec6730667350e232754cc
- SSDEEP
  
  98304:vP3lt6Nd8UvM1UZqTxQe2BasUCcnbHJK:n/6Q+M10qlt2ksmbHk
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan