metasploit | c913f34de4e871f2f89303313925a1964f5f44c4311853af954331e6521afdb7 | Triage

Submit
Reports

Overview

overview

Static

static

8

c913f34de4...b7.doc

windows7-x64

c913f34de4...b7.doc

windows10-2004-x64

Sharing

General

Target

c913f34de4e871f2f89303313925a1964f5f44c4311853af954331e6521afdb7
Size

42KB
Sample

241205-1fmqnszjhl
MD5

8f9a41380b558c9f03460832d769fa50
SHA1

fa34d377cac8890459c8d5ca386d0dc3d55bc5fc
SHA256

c913f34de4e871f2f89303313925a1964f5f44c4311853af954331e6521afdb7
SHA512

bf7539f9f19b6256f87dca703588099cafed82a2c1046e6c353d08f7efa587ccecb8af69f143b92e1b7b7b7c3d9e957b51601fd328027cff10f96c65fff1f302
SSDEEP

384:CF8iS8px8SMDigomDttBXZtFyTz+pek/iuE/H7kyzQ/+DQCgN0jFp/:C3y1ZtFi+pekqRP5W+K6p/

Score

10^/10

metasploit backdoor discovery macro macro_on_action trojan

Static task

static1

macro macro_on_action

2 signatures

Behavioral task

behavioral1

Sample

c913f34de4e871f2f89303313925a1964f5f44c4311853af954331e6521afdb7.doc

Resource

win7-20240903-en

metasploit backdoor discovery trojan

windows7-x64

9 signatures

60 seconds

Behavioral task

behavioral2

Sample

c913f34de4e871f2f89303313925a1964f5f44c4311853af954331e6521afdb7.doc

Resource

win10v2004-20241007-en

metasploit backdoor discovery trojan

windows10-2004-x64

9 signatures

60 seconds

Malware Config

Extracted

Family

metasploit

Version

windows/download_exec

C2

http://192.168.8.128:80/6Xlb

Attributes

headers User-Agent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1)

Targets

- Target
  
  c913f34de4e871f2f89303313925a1964f5f44c4311853af954331e6521afdb7
- Size
  
  42KB
- MD5
  
  8f9a41380b558c9f03460832d769fa50
- SHA1
  
  fa34d377cac8890459c8d5ca386d0dc3d55bc5fc
- SHA256
  
  c913f34de4e871f2f89303313925a1964f5f44c4311853af954331e6521afdb7
- SHA512
  
  bf7539f9f19b6256f87dca703588099cafed82a2c1046e6c353d08f7efa587ccecb8af69f143b92e1b7b7b7c3d9e957b51601fd328027cff10f96c65fff1f302
- SSDEEP
  
  384:CF8iS8px8SMDigomDttBXZtFyTz+pek/iuE/H7kyzQ/+DQCgN0jFp/:C3y1ZtFi+pekqRP5W+K6p/
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Process spawned unexpected child process
  This typically indicates the parent process was compromised via an exploit or macro.
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

macromacro_on_action

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan

© 2018-2025

Terms | Privacy