metasploit | d07e6a97134b6745e7c94d4b0711d17efb7349631a0ee6eed5a53e7c02cf2ded | Triage

Sharing

General

Target

d07e6a97134b6745e7c94d4b0711d17efb7349631a0ee6eed5a53e7c02cf2ded.exe
Size

393KB
Sample

241205-3z5rpsypbx
MD5

a9b0df0d6fe3b0eaac2da1d9e1f63171
SHA1

f9fff35409b5d791bea93ac05eaa935de1df4975
SHA256

d07e6a97134b6745e7c94d4b0711d17efb7349631a0ee6eed5a53e7c02cf2ded
SHA512

1240cc6d9f56cc91e5047e62918956f2488d450980a581baf827d233f95b9f8d8d1495087266bbc44d52b7320fe48581ec0e22377870440375412d4c7482cd3f
SSDEEP

6144:DqCB5yIvir8oRSEELJ+mACLuSVDS8Vnzm27KopPD/lflk:DVflvirgJ+mACLuwS1g11lflk

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.247.96:7578

Targets

- Target
  
  d07e6a97134b6745e7c94d4b0711d17efb7349631a0ee6eed5a53e7c02cf2ded.exe
- Size
  
  393KB
- MD5
  
  a9b0df0d6fe3b0eaac2da1d9e1f63171
- SHA1
  
  f9fff35409b5d791bea93ac05eaa935de1df4975
- SHA256
  
  d07e6a97134b6745e7c94d4b0711d17efb7349631a0ee6eed5a53e7c02cf2ded
- SHA512
  
  1240cc6d9f56cc91e5047e62918956f2488d450980a581baf827d233f95b9f8d8d1495087266bbc44d52b7320fe48581ec0e22377870440375412d4c7482cd3f
- SSDEEP
  
  6144:DqCB5yIvir8oRSEELJ+mACLuSVDS8Vnzm27KopPD/lflk:DVflvirgJ+mACLuwS1g11lflk
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan