metasploit | bd016a3a10a8e28d6a1ef688828c73282db9e17246653b71ee347d977628f155 | Triage

Sharing

General

Target

bd016a3a10a8e28d6a1ef688828c73282db9e17246653b71ee347d977628f155
Size

83KB
Sample

241218-1vqqwatrbn
MD5

7e884a5c624f84eb907b43d4518f9fd9
SHA1

a93c0597744dc6acd132072ad1ccf11259fd1664
SHA256

bd016a3a10a8e28d6a1ef688828c73282db9e17246653b71ee347d977628f155
SHA512

dc264281bab9ef3d1c51cc04e9d969ce1990c362fd653ddd4188894d069943fd3a017f5bb94f29bcf910231802b2baf16ae562646471d8572b0da5f3f709b94f
SSDEEP

1536:Yj+WqQuctgdgmT1pRFRT0/JDiX9vxgaBtLotjzMLqT+9E/wwkJkT0ioOXCls:k+X8YZPBTgJDwvKavotzMuT+y/wAT0NQ

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

10.10.8.2:55687

Targets

- Target
  
  bd016a3a10a8e28d6a1ef688828c73282db9e17246653b71ee347d977628f155
- Size
  
  83KB
- MD5
  
  7e884a5c624f84eb907b43d4518f9fd9
- SHA1
  
  a93c0597744dc6acd132072ad1ccf11259fd1664
- SHA256
  
  bd016a3a10a8e28d6a1ef688828c73282db9e17246653b71ee347d977628f155
- SHA512
  
  dc264281bab9ef3d1c51cc04e9d969ce1990c362fd653ddd4188894d069943fd3a017f5bb94f29bcf910231802b2baf16ae562646471d8572b0da5f3f709b94f
- SSDEEP
  
  1536:Yj+WqQuctgdgmT1pRFRT0/JDiX9vxgaBtLotjzMLqT+9E/wwkJkT0ioOXCls:k+X8YZPBTgJDwvKavotzMuT+y/wAT0NQ
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2