metasploit | 8320d94d94c77651d4214a27e09c62de9fcbf432c12b159bf66042c149f77bb6 | Triage

Sharing

General

Target

8320d94d94c77651d4214a27e09c62de9fcbf432c12b159bf66042c149f77bb6
Size

2.0MB
Sample

241212-l7p8js1jbz
MD5

f510c5cd87b5a354d44f6fd8ed4e5903
SHA1

c3d07c218089fc6c12c494c445cf84881a657518
SHA256

8320d94d94c77651d4214a27e09c62de9fcbf432c12b159bf66042c149f77bb6
SHA512

8d1e162ad92845591de07ffd4d7d0f3a07828144a807ef73d97d6fb70cabf313f20802bc1db051fa32d76848559d943a6c6f74a12b62eb7d771e4de4acfb4acb
SSDEEP

24576:nXuI+4Kb6Y1zFGKRtGhoJglmb89ezBNYVx1AnW7/DtB8+TUplflOhR/Tf:D1w64z+hov8g3YVT+65d4EhRL

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.0.53:4444

Targets

- Target
  
  8320d94d94c77651d4214a27e09c62de9fcbf432c12b159bf66042c149f77bb6
- Size
  
  2.0MB
- MD5
  
  f510c5cd87b5a354d44f6fd8ed4e5903
- SHA1
  
  c3d07c218089fc6c12c494c445cf84881a657518
- SHA256
  
  8320d94d94c77651d4214a27e09c62de9fcbf432c12b159bf66042c149f77bb6
- SHA512
  
  8d1e162ad92845591de07ffd4d7d0f3a07828144a807ef73d97d6fb70cabf313f20802bc1db051fa32d76848559d943a6c6f74a12b62eb7d771e4de4acfb4acb
- SSDEEP
  
  24576:nXuI+4Kb6Y1zFGKRtGhoJglmb89ezBNYVx1AnW7/DtB8+TUplflOhR/Tf:D1w64z+hov8g3YVT+65d4EhRL
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

metasploitbackdoordiscoverytrojan