metasploit | 1cf7562bb1a46f5157d63a0bf2f5d70ef8be189e2da761fe1298d40067973fcd | Triage

Sharing

General

Target

1cf7562bb1a46f5157d63a0bf2f5d70ef8be189e2da761fe1298d40067973fcdN.pdf
Size

117KB
Sample

241219-ethszsxmey
MD5

58958d306b7b19aa3729a58074a08250
SHA1

1b29280af48c485c362a2dabcd1dcb01e09163c1
SHA256

1cf7562bb1a46f5157d63a0bf2f5d70ef8be189e2da761fe1298d40067973fcd
SHA512

af73a0ca7cccbb2a6313ad29481469bfdc92da0feeb8bacc22e5c0d010778c3f37565eee3ad099b03b094adc241546ab528e8ce3a8f8de85859b958d0e0b2a79
SSDEEP

3072:4qc1+bQ+SWIVg5f0Ur+jltgEtlnwSOHtLnwSOT:5c1OfIarWnwSONnwSOT

Score

10^/10

metasploit backdoor discovery pdf trojan

Malware Config

Extracted

Family

metasploit

Version

windows/reverse_tcp

C2

192.168.211.154:4444

Targets

- Target
  
  1cf7562bb1a46f5157d63a0bf2f5d70ef8be189e2da761fe1298d40067973fcdN.pdf
- Size
  
  117KB
- MD5
  
  58958d306b7b19aa3729a58074a08250
- SHA1
  
  1b29280af48c485c362a2dabcd1dcb01e09163c1
- SHA256
  
  1cf7562bb1a46f5157d63a0bf2f5d70ef8be189e2da761fe1298d40067973fcd
- SHA512
  
  af73a0ca7cccbb2a6313ad29481469bfdc92da0feeb8bacc22e5c0d010778c3f37565eee3ad099b03b094adc241546ab528e8ce3a8f8de85859b958d0e0b2a79
- SSDEEP
  
  3072:4qc1+bQ+SWIVg5f0Ur+jltgEtlnwSOHtLnwSOT:5c1OfIarWnwSONnwSOT
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2