metasploit | 02e26f24f2a1a4b4fceec0c1e0189bbeee5b780c53bb7fa93cc47e6836b82956 | Triage

Sharing

General

Target

2024-12-19_9a3ef93b621d9309f93f33fb93b7a14d_karagany_mafia
Size

2.9MB
Sample

241219-pnpdpatncr
MD5

9a3ef93b621d9309f93f33fb93b7a14d
SHA1

c618101c866bba26bcd2e9b80777887773917cf7
SHA256

02e26f24f2a1a4b4fceec0c1e0189bbeee5b780c53bb7fa93cc47e6836b82956
SHA512

e6a8d8080991cf69d4c546e75c3078aaf2b0e078574a80a28c91b288d2f8f02fcee10b08cb61f604df0a2ed5f93d898c7c73cad49c562a7af88473b8e63fa8af
SSDEEP

49152:otg7ETQsdxxbJI9/ig1GfPpTIsMQzqhwCdxKKTUqZIt7tTt+YsaGGCj/TeDeJQxR:mtdfJNFPpTIs5maKZUga7tMFGNDtNEcd

Score

10^/10

metasploit backdoor discovery trojan

Malware Config

Extracted

Family

metasploit

Version

encoder/shikata_ga_nai

Targets

- Target
  
  2024-12-19_9a3ef93b621d9309f93f33fb93b7a14d_karagany_mafia
- Size
  
  2.9MB
- MD5
  
  9a3ef93b621d9309f93f33fb93b7a14d
- SHA1
  
  c618101c866bba26bcd2e9b80777887773917cf7
- SHA256
  
  02e26f24f2a1a4b4fceec0c1e0189bbeee5b780c53bb7fa93cc47e6836b82956
- SHA512
  
  e6a8d8080991cf69d4c546e75c3078aaf2b0e078574a80a28c91b288d2f8f02fcee10b08cb61f604df0a2ed5f93d898c7c73cad49c562a7af88473b8e63fa8af
- SSDEEP
  
  49152:otg7ETQsdxxbJI9/ig1GfPpTIsMQzqhwCdxKKTUqZIt7tTt+YsaGGCj/TeDeJQxR:mtdfJNFPpTIs5maKZUga7tMFGNDtNEcd
Score

10^/10

metasploit backdoor discovery trojan
- MetaSploit
  Detected malicious payload which is part of the Metasploit Framework, likely generated with msfvenom or similar.
  trojan backdoor metasploit
- Metasploit family
  metasploit
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

metasploitbackdoordiscoverytrojan

behavioral2

metasploitbackdoordiscoverytrojan