metasploit | 1818eeced39ee8ebe346a5265f69d6eb9fd16756e2262147d866aef5149bdb4e | Triage

Sharing

General

Target

1818eeced39ee8ebe346a5265f69d6eb9fd16756e2262147d866aef5149bdb4eN.exe
Size

1.0MB
Sample

241205-zg5gfaxndn
MD5

e5baad2b46e2b2be23e7d44b32da4ed0
SHA1

506c3efa03dcbeef201cf24f516e48c120b16039
SHA256

1818eeced39ee8ebe346a5265f69d6eb9fd16756e2262147d866aef5149bdb4e
SHA512

d501c00757dd211bffdf096bc0c8dc3d32d5aeb5e49c571aa216489762f2a844a5897e729d6f0ca80148b66c2cda1776fe274b40304bf8aacb25fbddc0425d14
SSDEEP

12288:7OFipA01X+PpdsnBVA5hEmgJ/AkJtc2Y4Ucdo4UGACh3QTiMqqQCUq:mia01X+PpdsnBeFgdJtc2Y4UcY4gjPb

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/call4_dword_xor

Targets

- Target
  
  1818eeced39ee8ebe346a5265f69d6eb9fd16756e2262147d866aef5149bdb4eN.exe
- Size
  
  1.0MB
- MD5
  
  e5baad2b46e2b2be23e7d44b32da4ed0
- SHA1
  
  506c3efa03dcbeef201cf24f516e48c120b16039
- SHA256
  
  1818eeced39ee8ebe346a5265f69d6eb9fd16756e2262147d866aef5149bdb4e
- SHA512
  
  d501c00757dd211bffdf096bc0c8dc3d32d5aeb5e49c571aa216489762f2a844a5897e729d6f0ca80148b66c2cda1776fe274b40304bf8aacb25fbddc0425d14
- SSDEEP
  
  12288:7OFipA01X+PpdsnBVA5hEmgJ/AkJtc2Y4Ucdo4UGACh3QTiMqqQCUq:mia01X+PpdsnBeFgdJtc2Y4UcY4gjPb
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan